lemmy.world is a victim of an XSS attack right now and the hacker simply
injected a JavaScript redirection into the sidebar. It appears the Lemmy backend
does not escape HTML in the main sidebar. Not sure if this is also true for
community sidebars.
[https://sh.itjust.works/pictrs/image/707c0f16-3d5c-4888-b865-34228d968ee6.png]
That didn’t work, but I have solved it. I had to take the emoji out of my display name. No idea why that has any impact, but it did.
i’ll be damned if I’m removing my identity just to protect my account
I’ve been playing around and it’s only some emojis it has a problem with. Your bagels are safe.
Mine worked with emoji. You can continue to be you.
The 2FA system might just be prejudiced against birds. I tried putting it back in after it was set up and it won’t save my settings if the emoji is there. It’s very weird.
Can you move the bird to the back of your name and test?
It won’t let me put it anywhere in the field. A bagel or a smiley face are find, but I can’t do the bird, or a black cat. It might be something to do with the specific emoji - both the black bird and cat are a standard bird/cat paired with a black square which display as a single emoji on some systems.
At a guess your emoji is part of a a newer unicode table and something in the lemmy backend has an older version that doesn’t include it.
thank you, and the 2FA set up was actually the easiest i’ve ever set up on iOS. a little too easy …