To make sure Defang is enabled, the following should be a block of red text instead of an image:
Defang interferes with markup in various ways1.
One interference is with decoding the hex sequences for certain special characters in URLs:
this link should contain %26, not & company people hate.
this link should contain %40, not @: dandv's Perl bugs; incidentally, '@' is passed through the GET parameter
? instead of %3F in anchors:
Perl's learning curve is "shallow (easy to learn)" and long.
Another interference is that Defang actually destroys certain types of links:
In the following example, (2008 is removed from the URL: California Proposition 8
in this example, the characters B588 following a { are lost: link (by chance, the link lands correctly thanks to the remote site ignoring the GUID)
%\d\d sequences are not read as % followed by two hex digits, but as % followed by 2 or more hex digits (or other characters even). This leads to corrupt Unicode characters:
YouTube links, once expanded (i.e. not in preview mode) are defanged too: embed src becomes `embed defang_src:
for example, it defangs the id attribute of footnotes (their a and li elements). ↩