Post AW2CTihEKysUG1Lnkm by Binkle@sleepy.cafe
 (DIR) Post #AW26NEhCMllXkYrQo4 by animeirl@shitposter.club
       2023-05-26T02:30:51.378602Z
       
       1 likes, 0 repeats
       
       Just a little test:<script>alert("graf is a faggot")</script>
       
 (DIR) Post #AW26ZHt4KI7D7h9xWC by animeirl@shitposter.club
       2023-05-26T02:33:01.702438Z
       
       0 likes, 0 repeats
       
       
       
 (DIR) Post #AW26cYt5ZlkaiXjLEW by kirby@freespeechextremist.com
       2023-05-26T02:33:38.153874Z
       
       0 likes, 0 repeats
       
       @animeirl please no please no
       
 (DIR) Post #AW26n3iHoyvFDYgPHE by bajax@bajax.us
       2023-05-26T02:35:26.401732Z
       
       1 likes, 0 repeats
       
       @animeirl first off you gotta post in HTML mode, second script tags are expressly filtered by the renderer... But if you had a way to construct a status directly you could maybe bypass that. Then the script they slipped onto poa.st would execute like normal (because it's loading from the same domain etc). I don't know that pleroma sanitizes federated statuses for script tags
       
 (DIR) Post #AW28sS1T4CnVy5LzuK by animeirl@shitposter.club
       2023-05-26T02:58:53.212944Z
       
       0 likes, 0 repeats
       
       @bajax i posted text/html directly via the api, doesn't work unless there's something that bypasses it on federation
       
 (DIR) Post #AW29LYJwjJU3tnsEAS by bajax@bajax.us
       2023-05-26T03:04:04.784731Z
       
       0 likes, 0 repeats
       
       @animeirl did it strip the tags or do something else?
       
 (DIR) Post #AW29QcnvUI2RFiJbUW by animeirl@shitposter.club
       2023-05-26T03:05:04.680011Z
       
       0 likes, 0 repeats
       
       @bajax tags get stripped. could be that this doesn't happen on federation though
       
 (DIR) Post #AW29WpSHMgU0E49FhY by bajax@bajax.us
       2023-05-26T03:06:07.771166Z
       
       1 likes, 0 repeats
       
       @animeirl worth looking into.  @Binkle apparently you've managed to get raw unsanitized (or less-sanitized) HTML to display on pleroma before?
       
 (DIR) Post #AW2BX08dqQNzGfAmTw by Binkle@sleepy.cafe
       2023-05-26T03:28:37.790076Z
       
       0 likes, 0 repeats
       
       @bajax @animeirl i forgetti can you remind me which incident are you thinking of
       
 (DIR) Post #AW2BpnWKyuYxdWDeeu by bajax@bajax.us
       2023-05-26T03:31:58.545708Z
       
       1 likes, 0 repeats
       
       @Binkle @animeirl I don't actually know, bot mentioned it.  You apparently were able to post a large image or something.
       
 (DIR) Post #AW2CG1URfLBqUVq6SG by Binkle@sleepy.cafe
       2023-05-26T03:36:45.125905Z
       
       2 likes, 0 repeats
       
       @bajax @animeirl oh right right that was just an image embed like this
       
 (DIR) Post #AW2CKKYwhER8nmzy2S by bajax@bajax.us
       2023-05-26T03:37:32.157879Z
       
       1 likes, 0 repeats
       
       @Binkle @animeirl Ah, so it wasn't special knowledge, just regular HTML. Thanks for confirming.
       
 (DIR) Post #AW2CTihEKysUG1Lnkm by Binkle@sleepy.cafe
       2023-05-26T03:39:14.029723Z
       
       1 likes, 0 repeats
       
       @bajax @animeirl yeah sorry about that, i have very little knowledge of web programming, i'm mostly a systems and applications guy