Tossing this into the random-stuff-I-learned-today bucket.
Today I was messing around with Google Chrome, and I found out that unlike Firefox and Safari, it treats frontslashes the same way as backslashes in hrefs.
A Chromium developer offers their thoughts on this:
…the backslash was intended to provide compatibility for a Windows world, and [Chrome will] take a more-or-less arbitrary number of initial slashes following the colon in some cases.
Try clicking the following links in Firefox, Safari, and Chrome to get a better sense of what this means:
<a href=“http:\//\//\google.com”>
lolwut?
Now, this is admittedly super contextual, but this could mean the difference between a URI filter spitting out malformed garbage that doesn’t link properly and that same URI filter spitting out a valid link in Chrome. Construct your whitelists and filters with care!
I’ve hardly ever had reason to question Chrome’s behavior and my eyes glaze over re: Windows compatibility, but this is a great reminder that browsers do have their subtle differences which sometimes manifest in surprising ways.
Pretty unrelated: I also stumbled upon Garage4Hackers which I didn’t know is a thing. Might be worth checking out if you’re into security stuff.