It would make more sense to escape all submitted html instead of trying to sanitise it, also add a sensible character limit. At the moment this guestbook seems to be unusable.

I'd also like to note that doing purification on the client on submit [0] isn't wise - anyone can just skip purification and post something malicious directly to the netlify function. If you absolutely have to sanitisation on the client - at least do it on render instead.

[0] https://github.com/sgolovine/sunnygolovine.com/blob/master/s...

In case anyone else is looking for it, here's the blog post that goes along with this page:

https://sunnygolovine.com/post/make-a-guestbook

I want to thank everyone that checked out my guestbook, I should have done some more QA before submitting.

Currently working on fixing the issues.

I was concerned because the blog post said that the sanitized the input before sending it, and looking at the network requests agreed!

However while you can submit HTML directly it is displayed as text on the client anyways. So I am wondering why they even bother to "sanitize" it. It just munges the comments for no reason.

Maybe add some styling to each entry? Now it looks a bit strange, more like a single post trying to drop your non-existing database.

I’m sure it’s neat but nothing loads when I access it on my iPhone and it repeatedly hijacked my back button.

Pretty cool! Is there a GitHub repo we can have a look at?

Btw, the social links at the top of your website don’t work ;)

Maybe they fixed it, the github social link works fine.

Repo is here...

https://github.com/sgolovine/sunnygolovine.com

Deploying of lambda functions from the repo through netlify is pretty neat have a look in the functions folder.

Damn your guest book got wrecked, I just see a thousand random <img> shenanigans