How do you prevent HTML special character coding from displaying on a website?

An article in the Wall Street Journal ( displays HTML special character code instead of the actual character, the greater-than sign. Thus, instead of displaying >, the article displays >. This occurs (for me, at least) on Chrome, Firefox, and Safari (all latest versions with cache cleared).

My (limited) understanding is that websites should have the following code in the header:

<meta http-equiv="content-type" content="text/html;charset=utf-8" /> [α] 

The site has this code in the header: <meta charset="UTF-8">. Is this the cause of the problem? In other words, if the WSJ site had <meta http-equiv="content-type" content="text/html;charset=utf-8" /> in the header, would we see > instead of &gt;?

The Wall Street Journal article is:

  • Stern, Joanna. "iOS 14 Review: Your iPhone Will Look Completely Different Now, if You Want." Wall Street Journal (16 September 2020).

The article is probably behind a firewall, so here is an image of the sentence as it appears in the article:

sentence in WSJ article displaying HTML special character code



α. Kyrnin, Jennifer. "How to Use Special Characters in HTML." Lifewire (20 February 2020).

Does Two Factor Authentication (2FA) prevent Phishing and/or Man-in-the-Middle (MITM) attacks?

While 2FA is clearly an improvement over only a single factor, is there anything which prevents an adversary presenting a convincing sign-in page which captures both factors?

I realise that technically a MITM attack is different to a Phishing attack, though at a high level they’re very similar — the user is inputting their credentials into an attacker-controlled page and the attacker can then input the credentials onwards into the real page.

Does Chill Touch Prevent Druid’s Wild Shape from Recovering Hit Points?

Does the Chill Touch cantrip’s secondary effect prevent a Druid from regaining hit points via Wild Shape?

Chill Touch reads:

… On a hit, the target takes 1d8 necrotic damage, and it can’t regain hit points until the start of your next turn.

Wild Shape:

… When you transform, you assume the beast’s hit points and Hit Dice.

RAW: Is "assume" the same as "regain"?

How can I prevent my players from teleporting out to escape any dungeon?

My high-level party now has 2 casters able to cast teleport. They can now run into any dungeon and just escape freely when things get dangerous. Forbiddance does not prevent you from teleporting out and Antimagic Field is a 10ft radius spell that requires concentration.

How can I prevent my players from pulling off this cheesy strategy against smart opponents who have witnessed this strategy multiple times and can plan beforehand?

So far, I’ve only come up with Darkness spells (to prevent players from seeing each other to teleport) or Counterspells at the time of cast. Both are fairly unsatisfactory solutions, PCs can just run into another room, or behind a pillar, and teleport there. Is there any RaW way to protect the entire dungeon?

Prevent block from being used in main editor, use only as inner block

I am currently using the allowed_block_type filter to control the available blocks in my theme, similar to the following example:

function acf_allowed_blocks($  allowed_blocks, $  post) {     // Register core blocks     $  core_blocks = array(         'core/buttons',         'core/heading',         'core/image',         'core/list',         'core/paragraph',     );      // Register custom blocks     $  custom_blocks = array(         'acf/test-block',     );      // Register plugin specific blocks     $  plugin_blocks = array(         'gravityforms/form',     );      // Specify block groupings available on specific post types     switch ($  post->post_type) {     case 'post_type_example':         $  allowed_blocks = array_merge($  core_blocks);         break;     default:         $  allowed_blocks = array_merge($  core_blocks, $  custom_blocks, $  plugin_blocks);     }      return $  allowed_blocks; } add_filter('allowed_block_types', 'acf_allowed_blocks', 10, 2); 

While this works perfectly, I am trying to determine whether or not it’s possible to remove the gravityforms/form block, but allow it inside the acf/test-block. Currently, if I remove the block from this function, it’s also becomes unavailable as an inner block in my ACF block markup, which looks like this:

$  allowed_blocks = array( 'gravityforms/form' ); echo '<InnerBlocks allowedBlocks="' . esc_attr(wp_json_encode($  allowed_blocks)) . '" />'; 

Does anyone have any idea on whether or not this is even possible with the current state of Gutenberg? I can just as easily live with it being available as both a main and an inner block, but it would be my preference to only use it as an inner block.

How do I prevent hackers that use developer apps to manipulate devices

I received a screen shot from someone that was intetionally setting me up to be hacked. The picture had some kind of hidden code that left my device venerable. Shortly after my device was completely taken over by hackers using code and developers apps. I tapped on the build number on my phone 8 times to access developer options. When I did I got a pop up saying I am already a developer. This has now been going on a long time and I have been able to narrow thinga down. I need assistance with cleaning out the device. If I restore the device it restores from an existing back up and makes it worse. Thank you

Programming language designed to prevent security issues from occurring? [closed]

I’m working on creating a new programming language and trying to find that first niche to tailor it to. Would you appreciate a programming language that would make it as easy as possible to encrypt & salt all information stored in databases & files and sent over the network, etc?

I already have it so that it’s as fast as C++ but guaranteed to be memory and thread-safe without the programmer having to think twice about it.

The idea is that you write it quickly and productively and don’t have to think about the security, because it’s already baked into the end product.

How to prevent scrying, Locate Person, teleportation, planeswalking, Locate City, and other intrusions in the name of national security [closed]

I am writing a story set in a modern world where D&D magic works. Now, I also have a Cheyenne Mountain like set of facilities in my world, underground hardened military airbases. Obviously, you don’t want any old bloke to be able to just use the Etherealness spell to waltz in through the walls and steal a nuclear warhead. You also don’t want the enemy war leader to be able to see inside your war room. And teleportation would really be a security disaster. Could the unit’s mages cast Mind Blank on every single one of the 570 staff of the base?

I had a couple ideas, using a multiple castings of or a homebrew larger version of the Forbiddance spell to cover every cubic foot of space inside the mountain and a similar method with Anti-Magic Field around the boundaries. This seems to block anything short of divine intervention, but I was thinking of asking you folks here about ideas as well. Would my idea work? Do you have any suggestions? Perhaps a magic item that could do the protection?

I’m not concerned as to which version the spell/item comes from.

How to prevent metagame in betrayal/PvP scenarios?


Often the metagaming problem is about how the DM presents the things to the players. We have lots of questions and good answers in the metagaming tag. Most of them are about concealing information, though, as Make their knowledge uncertain, hide info and add "meaningless" thing, etc.

For PvP scenarios, this also applies: the player can write down a note and give it to the DM. The problem is: when the PvP gets too heavy, every player writing down a note for every action so they can conceal information takes too much time. Also, while concealing the information hides the information itself, there’s also meta-information about the fact the player concealed information to start with: "Why is he hiding things from us? He’s up to something." – and this leads to metagaming by itself. This question is more on this second problem.


One such scenario that happened to me was, while a group of friends was playing Curse of Strahd, one player decided that he wanted to eventually betray the party and help Strahd instead. An important member of PC’s family was in Barovia and kept under Strahd’s control (only he knew about it), and he loved more that member than the party.

As I mentioned, the player started to behave suspiciously (the player, not the PC) for the other players. In particular, we (I, the DM, and the traitor player) were trading notes often.

Gradually, the other PCs started becoming too aware of the traitor’s PC, even though there was no in-game reason for that (yet). That took around 2 sessions of 4 hours. From this point onwards, everything went astray. They would constantly be suspicious of his (character’s) actions and what he said. After they got him lying about I don’t even remember what, they would even "try to listen carefully if there was a conversation going on in his bedroom". Note that by this time, the characters already had information enough to actually be suspicious. The problem is that they would never have gotten (okay, they might, but certainly not how they did) this information if the characters were behaving normally from the start.

To be clear, the notes were traded in times the party was split, e.g. when they were about to sleep (separate rooms, rich party).

This might make the question too broad, but I’m interested in solutions as any person involved in the problem, i.e.

  • As the DM handling the situation.
  • As the player betraying the party.
  • As the players being betrayed.

I’m interested in solutions as anyone because I think there were flaws in everyone’s actions and I often find myself in the position of any of them, although in this specific scenario I was the DM.

It didn’t become a personal problem, and even the traitor player didn’t want to argue and make a fuss over it, so we didn’t talk about it. It did give me a bad taste, though.

Important Note on the Problem

As you can see, most of the question is in the past tense. That’s because it’s something that happened a while ago. I’m more interested in how to prevent metagaming based on out-of-game information—specifically during betrayal scenarios—from happening again, since the campaign where it happened is long dead, including the PCs. (I mention the campaign is dead because this means there’s no use handling the problem now – it doesn’t exist any more. That’s why I want to prevent it, not handle it.)

Social Contract

These details are mostly for people thinking "OMG traitor player! Don’t do that!"

  • We had all agreed with the possibility of betrayals in the campaign, both from NPCs and from other players. This might actually have increased the metagaming problem, as they knew betrayal was a possibility.
  • Metagaming was agreed to be "bad", but it seems the players couldn’t control themselves on that, because the meta-information was too much.

Bad Answers

Honestly, I don’t want to tell you how to answer my question, but metagaming questions are having some answers that are not helpful for me. I’ll list some that I’m saying in advance: this won’t help me.

  • "Don’t play a PvP campaign" – Check this meta for why this is bad: Can we affirm that RPG.SE embraces a plurality of playstyles? – there are people that have fun playing PvP.
  • "Stop caring about metagame" – Same meta.
  • "Don’t betray your party, the player should have asked for help from the party" – Same meta.
  • "Don’t create a scenario where your player/PC wants to betray the party" – Really? For me that’s one of the most interesting scenarios I can create. Also, it can be done correctly, even if it failed this time.
  • "Don’t allow them to do X" – As the DM, I don’t want to remove player’s agency, even if it ultimately means I’m allowing metagame.

Related Question

The most similar I could find is How to prevent players from metagaming when they split the party?. The question is still pretty different simply because of the PvP nature of mine.

Online Gaming

I can see the value of playing online or IRL with everyone having a notebook and having private chatrooms with that. I’ve done that and it completely solves the issue. Sadly, I can’t do that with every group. In particular, my current group is so problematic with Facebook/WhatsApp/Instagram that we had to ban cellphones so they wouldn’t lose concentration every 10 secs. We’re already low on time and I don’t want "hey check this cute cat video" interruptions – and I know I’ll be getting them if cellphones/notebooks are on the table.