
The use of HTML tags like inside a YAML bio field that is rendered via Nunjucks might lead to XSS vulnerabilities if not properly sanitized. It is safer to use Markdown formatting (as done with the bold text) and ensure the template rendering context handles escaping appropriately.
I'm **Ken Horlador** from Camarines Sur, Philippines. I enjoy learning programming languages and libraries/frameworks like [ReactJS](https://reactjs.org/) with [GatsbyJS](https://www.gatsbyjs.com/) or [NextJS](https://nextjs.org/). I also enjoy wireframing, developing user flows, user interface, user experience and design in general.
Originally posted by @gemini-code-assist[bot] in #402 (comment)
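
One way to apply the suggestion above, as an added example that is not part of the quoted comment or the repository's code: escape the whole bio string first, then turn only bold text and http(s) links back into markup. The names `renderBio`, `escapeHtml`, `isSafeUrl` and the sample bio are assumptions made for illustration.

```javascript
// Added example: render a bio string (as loaded from YAML) using a restricted
// Markdown subset. All names here are hypothetical, not the repository's code.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Only absolute http(s) URLs are accepted as link targets.
function isSafeUrl(url) {
  try {
    const { protocol } = new URL(url);
    return protocol === 'http:' || protocol === 'https:';
  } catch {
    return false; // relative or malformed URL
  }
}

function renderBio(source) {
  // 1. Escape everything, so raw HTML in the YAML value becomes inert text.
  let html = escapeHtml(source);
  // 2. Re-introduce only markup generated here: **bold** and [label](url).
  html = html.replace(/\*\*([^*]+)\*\*/g, '<strong>$1</strong>');
  html = html.replace(/\[([^\]]+)\]\(([^)\s]+)\)/g, (match, label, url) =>
    // url is already escaped, so quotes cannot close the href attribute.
    isSafeUrl(url) ? `<a href="${url}">${label}</a>` : match
  );
  return html;
}

// Constructed sample input: Markdown as suggested, plus markup that must not run.
const sampleBio =
  "I'm **Ken** and I like [ReactJS](https://reactjs.org/). " +
  '<img src=x onerror=alert(1)> [click](javascript:alert(1))';

console.log(renderBio(sampleBio));
```

The string returned by `renderBio` is the only value that would need to bypass template escaping (for example through the Nunjucks `safe` filter); the raw YAML value itself stays subject to autoescaping.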