An article in the Wall Street Journal (wsj.com) displays HTML special character code instead of the actual character, the greater-than sign. Thus, instead of displaying
>, the article displays
>. This occurs (for me, at least) on Chrome, Firefox, and Safari (all latest versions with cache cleared).
My (limited) understanding is that websites should have the following code in the header:
<meta http-equiv="content-type" content="text/html;charset=utf-8" /> [α]
The wsj.com site has this code in the header:
<meta charset="UTF-8">. Is this the cause of the problem? In other words, if the WSJ site had
<meta http-equiv="content-type" content="text/html;charset=utf-8" /> in the header, would we see
> instead of
The Wall Street Journal article is:
- Stern, Joanna. "iOS 14 Review: Your iPhone Will Look Completely Different Now, if You Want." Wall Street Journal (16 September 2020).
The article is probably behind a firewall, so here is an image of the sentence as it appears in the article:
α. Kyrnin, Jennifer. "How to Use Special Characters in HTML." Lifewire (20 February 2020).
I've got a website that I've got set up on wordpress currently for a customer, and I'm not really happy with the speed of the site.
I was able to get the wordpress site up, but my html skills are probably beginner to intermediate. I'm currently in a full stack html bootcamp, so that should help somewhat. As part of my learning, I figured I would try to recreate that website in HTML to see if it would be any faster. That's created some general design questions, though:
1) WordPress has a…
Porting wordpress to html
We have an online html file that is accessible through the browser, we want this to be available offline and looking in to it the best thing would be using the App Cache with a manifest file.
I believe i have done all the steps correctly but it still doesn’t preload all the files for the html. Here is what i have done:
1. Updated the html tag to read
html manifest="location of manifest file"
2. Created a manifest file listing the individual files
3. Edited the .htaccess file with
AddType text/cache-manifest .manifest ExpiresByType application/x-web-app-manifest+json "access plus 1 year" ExpiresByType text/cache-manifest "access plus 1 year"
Any ideas why this is not working?
I’m working on securing an application that receives SQL and HTML-like information that is actually proprietry formulas in some cases, and parts of XML documents in other cases.
So the WAF thinks some HTTP requests are SQL or HTML injection attacks while they actually aren’t.
So how can I send these formulas and XML informaiton without triggering those WAF rules? I tried encoding the data but that didn’t work.
We announced Frontendor.com HTML blocks & templates library last days after we focused on three essentials gaols:
✦ Neat code, easy to customize
✦ Separate blocks, easy to integrate
✦ Create landing pages by COPY-PASTE.
This way, we can build a new landing page every time just by copying the HTML & CSS from our library.
We would love to hear your very honest feedback and suggestion. Thank you.
PS: If you liked Frontendor and want to support us. You can grab your deal with…
To all html & css lovers. We made this UI Library for you
I’m working on a website and I noticed that if I go to the following URL:
website.com/page?alert() this message is reflected in the action form. I tried to close the action attribute using double quotes in order to try a classic like
" onload="alert(1)" but double quotes are URLencoded if i read the source code. Do you have some suggestion? Or is just a rabbit hole? Thanks
<form method="post" action="./page?alert()" id="cn"> <div class="n">
I'm trying to create a simple personal offline home page with text links that can be edited without the user having to go into the html code.
I have the home page with some blank links done but need some way to edit the links from a form for people who don't understand html.
Thanks for any help!
I have a lot of pages of code on a site and one of this has a problem. I’d like to past and replace the code to another, but without having to go through each of the hundreds of pages. How can I do this? Many thanks!
My question is about specific technicalities of the switch from HTML website to WordPress. I looked through similar questions but my question still remains.
I think my situation is pretty standard.
I’m about to switch my current HTML website to WordPress. My website has been up since 2006.
Main details of the transition:
-My current site is in the
-Most pages have .php extension
-The WordPress folder is
/clickandbuilds/mywebsite (WordPress.org, hosted by 1&1)
-I’ll also need to do 301 redirects for all .php pages to the WP pages
I guess my main question is the following:
Is it safe to just switch my domain from the /public folder to the WordPress folder once everything is ready? I assume it’s a standard procedure – but still wanted to get a second opinion.
I recently came across a behavior in a web application where the application (through the use of the header ‘Content-Disposition: attachment’) offers to download an HTML file instead of allowing it to get parsed by the browser. Interestingly, the GET requests to the URL that lets you download the HTML page passes the absolute path of the HTML file that will be downloaded – starting all the way from
/usr/local....<snip>/public/mypage.html . If an attacker has the privilege to upload an HTML file to this location (public), apart from an XSS attack, what else can he/she do on the machine of a victim who downloads and open the HTML file crafted by the attacker.