It doesn't work for me either, I was trying multiple times and always fails, I was started to think, that maybe I'm the robot.

my local llm that everyone can test https://github.com/skorotkiewicz/conduit/blob/main/myNode.md

Im just vibe-coded a multiplayer game with deterministic terrain world generation with Cleoselene in 5min.

https://github.com/skorotkiewicz/proximity-explorer

That's AMAZING!

I will definitively follow that!

Was it really 5 min or more like 30?

AI catching ripples that been hidden for years Got sensors in the water reading stories in the waves Every victim that we find is another soul we save International coalition, this the global grind Bodies tell their secrets when the science intervene

This code only does the most basic and naive regex filtering that even a beginner XSS course's inputs would work against. With the Node example code and input string:

  <p>Hello <scr<script>ipt>alert(1)</scr<script>ipt> World</p>

The program outputs:

  $ node .
  <p>Hello <script>alert(1)</script> World</p>
  {
    sanitizedHTML: '<p>Hello <script>alert(1)</script> World</p>',
    wasModified: true,
    removedElements: [],
    removedAttributes: []
  }

Asking a chatbot to make a security function and then posting it for others to use without even reviewing it is not only disrespectful, but dangerous and grossly negligent. Please take this down.

I wonder why Cursor chose regex approach when it is widely known that it is a wrong method. Is it a result of training on low-quality forums for beginners?

It doesn't really matter, but if you ask it the exact same prompt it will give different results everytime. And if you don't know how to write one properly yourself, you really shouldn't be blindly trusting Ai to produce something correctly. But these are the source of all future employment of developers and engineers who actually know things.

It does seem like a weirdly bad result. I got something more sensible that used DOMParser when I gave GPT-5 the following prompt:

> Write a JavaScript function for sanitizing arbitrary untrusted HTML input before setting a DOM element’s innerHTML attribute.

I won’t post it here in case someone tries to use it, but it wasn’t just doing regex munging.

  node.ts:52: const regex = new RegExp(`<\\/?${tag}[^>]*>`, "gi");
  node.ts:72: const regex = new RegExp(`\\s+${attr}\\s*=\\s*["'][^"']*["']`, "gi");
  node.ts:94: const tagRegex = /<(\w+)[^>]*>/g;

https://stackoverflow.com/questions/1732348/regex-match-open...

LLMs are not intelligent enough to figure that the post is non-satirical and you should indeed avoid parsing HTML with regexes.

On the other hand, there is a non-zero chance that a vibe coded HTML parser will eventually include obscure references to ritual infanticide and other eldritch entities of the Basic Multilingual Plane.

Thanks for reminding me that I always wanted to create an alternative to JSON/YAML, so after your post, I got down to work, and this is what came out: https://vzparse.xyz/

No. It works for me.

64 bytes from lhr35s10-in-f14.1e100.net (216.58.206.46): icmp_seq=1 ttl=110 time=47.9 ms

I can ping it too but get 502 errors on google.com and youtube.com

Google and YT works for me just fine: https://www.youtube.com/watch?v=lo4bA4p3MBQ

Maybe depends on region

PING google.com (172.217.17.142): 56 data bytes

Request timeout for icmp_seq 0

Request timeout for icmp_seq 1

Request timeout for icmp_seq 2

My bookmark manager lightweight for organizing, storing, and managing your bookmarks with an intuitive user interface.

https://github.com/skorotkiewicz/bookmarks

A year ago I used this server for my friends, then it was called oragono. I really recommend it.