(Noted on Edge on Win 11, but i assume it would be a problem in all browsers and all OSes.)
I got a notification in my dashboard that included part of an HTML tag. The partial tag seems to have messed up the formatting of the rest of the page. I was trying to think if this behavior could be exploited for some sort of scripting attack, but I don’t have time to look into that sort of thing this morning. (I assume it could be exploited to deliver a targeted attack, though, and it should probably be fixed sooner than later.)
That journal post with the notification issue was where I had directly pasted in a version in html derived by @koos_the_reader from the forum post I made. (I don’t know how to do html things myself anymore.) Sorry if I have created any problems!
<li>Your notifications through 3rd party: <a class="mention" href="/u/pisum">@pisum</a> has provided a rich <a href="https://jumear.github.io/stirfry/iNat_observations_updates.html" rel="noopener nofollow ugc">separate interface</a> to replace the dropdown. Click through the authorizations to use it.</li>
or it could be the orphaned </ol> at the end. oops
full html of the post as it currently is. I will edit it to fix the mentions
<p><strong>MISSION BRIEFING</strong></p>
<p>In this challenge we’ll visit “Darkest” [<a href="https://www.inaturalist.org/projects/low-growth-countries-and-territories" rel="noopener nofollow ugc">1</a>,<a href="https://www.inaturalist.org/blog/82561-150-000-000-observations-on-inaturalist" rel="noopener nofollow ugc">2</a>] Africa. Over the course of the month, we’ll find out whether <a href="https://www.researchgate.net/publication/372310054_Identifying_the_identifiers_How_iNaturalist_facilitates_collaborative_research-relevant_data_generation_and_why_it_matters_for_biodiversity_science" rel="noopener nofollow ugc">identifiers can make a difference</a> for plant observations on this <a href="https://www.inaturalist.org/projects/african-biogeographic-regions" rel="noopener nofollow ugc">ecological diverse</a> continent.</p>
<p>How are we <strong>coordinating</strong> the operation?</p>
<ul>
<li><a href="https://www.inaturalist.org/projects/flora-of-africa/" rel="noopener nofollow ugc">Flora of Africa</a> is the collection project we’ll watch to monitor id progress over time. This contains all African Plantae currently identified from Tracheophyta onward.</li>
<li><a href="https://www.inaturalist.org/projects/mission-impossible-identify-plantae-in-africa" rel="noopener nofollow ugc">Mission Impossible - Identify Plantae in Africa</a> is the challenge’s traditional project. Its journal will provide updates. Observations placed into the project may be notable for their examples, discussions, mentoring needs or other features.</li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528">Mission Impossible - Identify Plantae in Africa</a> is the present thread for freeform discussion, questions and general enthusiasm. Updates would be crosslinked here (so you don’t have to join the project to find updates.)</li>
<li><a href="https://discord.gg/wS5KwHV9" rel="noopener nofollow ugc">iNat IDathon Discord server</a> is also available during the challenge for id discussion (thanks to <a class="mention" href="/u/astra_the_dragon">@astra_the_dragon</a> and <a class="mention" href="/u/arboretum_amy">@arboretum_amy</a> for the help there)</li>
</ul>
<p>What <strong>online resources</strong> are already available to identify African plants?</p>
<ul>
<li><a href="https://www.inaturalist.org/projects/flora-of-africa/journal/14207-online-resources-for-plant-identification-in-africa" rel="noopener nofollow ugc">Flora of Africa’s single journal post</a> has a rich collection of resources linked.</li>
<li><a href="https://keys.lucidcentral.org/keys/v3/South_African_Plant_Families/key/South%20African%20Plant%20Families/Media/Html/home.htm" rel="noopener nofollow ugc">Guide to plant families of southern Africa</a> has keys, potential application to other parts of Africa, and author(s) who are iNatters. (<a href="https://www.researchgate.net/publication/256293917_Guide_to_plant_families_of_southern_Africa" rel="noopener nofollow ugc">pdf access</a>)</li>
</ul>
<p>Which <strong>links</strong> will we use to identify Plants?</p>
<p>The links below are presented in “identify modal” format, and contain certain elements that you can keep or remove as you like. Notable elements of these links:</p>
<ul>
<li>Flora of Africa project, for Tracheophyta and farther: &project_id=12505</li>
<li>All of Africa: &place_id=97392</li>
<li>Africa without the Cape region, excluding a “less dark,” higher observation count area: &place_id=97392&not_in_place=123067</li>
<li>Random sort, an easy way to access observations that are not the “newest” or “oldest” 10K. Refresh page for a new set. It doesn’t give a page count while in use (if you care). Remove from url to see current page count: &order_by=random</li>
<li>Observations per page, when set at 100 from default 30, allows quick estimate of progress outside of random sort (136 pages is about 13.6K observations): per_page=100</li>
<li>Grace period exclusion of last 3 months’ new observations, optional to add to link if you want: &created_d2=2023-05-01&createdDateType=range</li>
</ul>
<p>I will <strong>use the following links to watch progress</strong>. Use any of these directly, or make your own to “choose your own adventure” for the mission! (Observation counts in K shown below are from Day “t minus 1”, on 7/31.)</p>
<p><strong>Mission: Add them!</strong> These observations are not yet in <a href="https://www.inaturalist.org/projects/flora-of-africa/" rel="noopener nofollow ugc">Flora of Africa</a>. Getting any observation from these links to Tracheophyta or better will add them to the project:</p>
<ul>
<li><a href="https://www.inaturalist.org/observations/identify?per_page=100&photos=true&verifiable=true&place_id=97392&taxon_id=47126&hrank=kingdom&lrank=kingdom&order_by=random" rel="noopener nofollow ugc">Plantae at Kingdom in Africa</a>, 47.3K mostly Tracheophyta. <a href="https://www.inaturalist.org/observations/identify?per_page=100&photos=true&verifiable=true&place_id=97392&not_in_place=123067&taxon_id=47126&hrank=kingdom&lrank=kingdom&order_by=random" rel="noopener nofollow ugc">NonCape</a>, 39.2K.</li>
<li><a href="https://www.inaturalist.org/observations/identify?per_page=100&iconic_taxa=unknown&without_taxon_id=48460&photos=true&verifiable=true&place_id=97392&order_by=random" rel="noopener nofollow ugc">Unknowns in Africa</a>, 21.1K mostly Tracheophyta. <a href="https://www.inaturalist.org/observations/identify?per_page=100&iconic_taxa=unknown&without_taxon_id=48460&photos=true&verifiable=true&place_id=97392&not_in_place=123067&order_by=random" rel="noopener nofollow ugc">NonCape</a> 15.2K.</li>
<li><a class="mention" href="/u/jeanphilippeb">@jeanphilippeb</a> 's <a href="https://www.inaturalist.org/journal/jeanphilippeb/73398-phylogenetic-projects-for-unknown-observations" rel="noopener nofollow ugc">Phylogenetic projects for unknowns</a> contain many African observations, and are pre-sorted with the help of CV. Notable related projects include <a href="https://www.inaturalist.org/projects/unknown-trees-of-southern-africa-1" rel="noopener nofollow ugc">Trees 1</a> and <a href="https://www.inaturalist.org/projects/unknown-trees-of-southern-africa-2" rel="noopener nofollow ugc">Trees 2</a>.</li>
</ul>
<p><strong>Mission: Improve them!</strong> These “slices” of observations are already in <a href="https://www.inaturalist.org/projects/flora-of-africa/" rel="noopener nofollow ugc">Flora of Africa</a>:</p>
<ul>
<li><a href="https://www.inaturalist.org/observations/identify?per_page=100&photos=true&verifiable=true&place_id=97392&hrank=phylum&lrank=class&project_id=12505&taxon_id=211194&order_by=random" rel="noopener nofollow ugc">Phylum through Class</a>, 58.3K. <a href="https://www.inaturalist.org/observations/identify?per_page=100&photos=true&verifiable=true&place_id=97392&not_in_place=123067&hrank=phylum&lrank=class&project_id=12505&taxon_id=211194&order_by=random" rel="noopener nofollow ugc">NonCape</a>, 39.5K.</li>
<li><a href="https://www.inaturalist.org/observations/identify?per_page=100&photos=true&verifiable=true&place_id=97392&hrank=class&lrank=class&project_id=12505&taxon_id=47124&order_by=random" rel="noopener nofollow ugc">Just Class Dicots</a> (difficult or not), 29.6K. <a href="https://www.inaturalist.org/observations/identify?per_page=100&photos=true&verifiable=true&place_id=97392&not_in_place=123067&hrank=class&lrank=class&project_id=12505&taxon_id=47124&order_by=random" rel="noopener nofollow ugc">NonCape</a>, 19.9K.</li>
<li><a href="https://www.inaturalist.org/observations/identify?per_page=100&photos=true&verifiable=true&place_id=97392&hrank=subclass&lrank=subtribe&project_id=12505&taxon_id=211194&order_by=random" rel="noopener nofollow ugc">Subclass through Subtribe</a> at Needs ID, 105.5K. <a href="https://www.inaturalist.org/observations/identify?per_page=100&photos=true&verifiable=true&place_id=97392&not_in_place=123067&hrank=subclass&lrank=subtribe&project_id=12505&taxon_id=211194&order_by=random" rel="noopener nofollow ugc">NonCape</a> 53.9K.</li>
<li><a href="https://www.inaturalist.org/observations/identify?per_page=100&photos=true&verifiable=true&place_id=97392&hrank=genus&lrank=complex&project_id=12505&taxon_id=211194&order_by=random" rel="noopener nofollow ugc">Genus through Complex</a> at Needs ID, 338.4K. <a href="https://www.inaturalist.org/observations/identify?per_page=100&photos=true&verifiable=true&place_id=97392&not_in_place=123067&hrank=genus&lrank=complex&project_id=12505&taxon_id=211194&order_by=random" rel="noopener nofollow ugc">NonCape</a> 139.4K.</li>
<li><a href="https://www.inaturalist.org/observations/identify?per_page=100&photos=true&verifiable=true&place_id=97392&hrank=species&project_id=12505&taxon_id=211194&order_by=random" rel="noopener nofollow ugc">Species and farther</a> at Needs ID, 410.5K. <a href="https://www.inaturalist.org/observations/identify?per_page=100&photos=true&verifiable=true&place_id=97392&not_in_place=123067&hrank=species&project_id=12505&taxon_id=211194&order_by=random" rel="noopener nofollow ugc">NonCape</a> 204.5K.</li>
</ul>
<p><strong>Side Mission: Tend Captive Plants!</strong> These won’t go to <a href="https://www.inaturalist.org/projects/flora-of-africa/" rel="noopener nofollow ugc">Flora of Africa</a>, but you can still be a hero in helping to sort these out.</p>
<ul>
<li><a href="https://www.inaturalist.org/observations/identify?quality_grade=casual&per_page=100&iconic_taxa=unknown&without_taxon_id=48460&photos=true&place_id=97392&captive=true&order_by=random" rel="noopener nofollow ugc">Unknowns marked captive in Africa</a>, 10.7K mostly Tracheophyta. <a href="https://www.inaturalist.org/observations/identify?quality_grade=casual&per_page=100&iconic_taxa=unknown&without_taxon_id=48460&photos=true&place_id=97392&not_in_place=123067&captive=true&order_by=random" rel="noopener nofollow ugc">NonCape</a> 4.5K.</li>
<li><a href="https://www.inaturalist.org/observations/identify?quality_grade=casual&per_page=100&iconic_taxa=Plantae&photos=true&place_id=97392&captive=true" rel="noopener nofollow ugc">Plantae marked captive in Africa</a>, 191.8K mostly Tracheophyta. <a href="https://www.inaturalist.org/observations/identify?quality_grade=casual&per_page=100&iconic_taxa=Plantae&photos=true&place_id=97392&not_in_place=123067&captive=true" rel="noopener nofollow ugc">NonCape</a>, 82.9K.</li>
</ul>
<p>Are there <strong>guidelines for identifiers</strong>?</p>
<ul>
<li><a href="https://forum.inaturalist.org/t/identification-etiquette-on-inaturalist-wiki/1503">Etiquette</a> - current best practices</li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/68">Limit notifications to others</a> where you can.</li>
<li>Your notifications through site: When you id a lot, you get a lot of feedback. Your unread notifications are the count icon in the upper right corner of any <a href="http://inaturalist.org" rel="noopener nofollow ugc">inaturalist.org</a> page. If you click the icon, they are presented in sets of 200 as a dropdown. If you click directly on one item in the dropdown, the whole list may be cleared accidentally. Try “control click” (Windows) or other means to send each item to a new tab without affecting the dropdown. You can “turn off agreeing notifications” to limit the simplest ones, although you may then miss experts’ comments along with experts’ agreements.</li>
<li>Your notifications through 3rd party: <a class="mention" href="/u/pisum">@pisum</a> has provided a rich <a href="https://jumear.github.io/stirfry/iNat_observations_updates.html" rel="noopener nofollow ugc">separate interface</a> to replace the dropdown. Click through the authorizations to use it.</li>
</ul>
<p>This example workflow provided by <a class="mention" href="/u/dianastuder">@dianastuder</a> highlights other things to keep in mind (her posts below are linked)</p>
<ol start="0">
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/14">Languages</a></li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/24">Placeholder</a></li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/29">Missing Species</a></li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/31">Multiple Species</a></li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/33">Combine Multiple Obs</a></li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/38">@ mention</a></li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/56">Supporting ids</a></li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/64">Advising observer</a></li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/71">Narrowing your id “slice”</a></li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/83">Marking Reviewed, Follow/UnFollow</a></li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/89">Using Computer Vision</a></li>
<li><a href="https://forum.inaturalist.org/t/mission-impossible-identify-plantae-in-africa/43528/99">Thank you</a> for momentum!</li>
</ol>
no worries. i don’t think you or koos_the_reader have done anything wrong here. if anything, your post pointed out a latent problem that probably needs to be fixed.
my biggest concern was that whatever is happening here could be exploited to do bad things in a targeted way, but i’ve finally had a few minutes to take a slightly deeper look, and although i still don’t totally understand what’s happening here, i don’t think i see an obvious way to exploit the problem.
regardless, whatever happens in one notification item shouldn’t bleed over to the rest of the page. that kind of thing sometimes could open the door to worse things than bad formatting.
at the end of the day, i think this is just another variant of some kinds of problems previously encountered in other parts of the system:
