Glitch Gallery
A Bug Museum of Malformed Markup
Each exhibit pairs raw HTML with the parsing fix-ups it triggers. Visitors are encouraged not to lick the specimens.
Exhibit 01
Block-in-inline (escaping div)
Browsers reparent the <div> out of the <span>.
before
I am block-level
after
Exhibit 02
Void elements with phantom children
Children are reparented out; the close tag is discarded.
kids
this-text-after-br
Exhibit 03
Unclosed paragraphs
one
two
three
Exhibit 04
Mismatched closes
inside-span
Exhibit 05
Duplicate attributes
payload
Exhibit 06
Missing quotes around attribute values
unquoted-attrs
Exhibit 07
Bare ampersand in attribute
Exhibit 08
Quote mixing
payload-A
payload-B
Exhibit 09
Attributes on separate lines
payload
Exhibit 10
CamelCase attribute names
camel-attrs
Exhibit 11
Empty paragraph
Exhibit 12
Self-closing non-void
This paragraph is now a child of the previous div.
Exhibit 13
Custom element without dash
x
nested
Exhibit 14
Custom element with dash
inside
Exhibit 15
Namespace-prefixed tag
x
Exhibit 16
Tag name starting with a digit
<1head>treat as text
Exhibit 17
Attribute names with colons and dots
payload
Exhibit 18
Comment inside a start tag
data-y="kept">payload
Exhibit 19
Style with !important
important-payload
Exhibit 20
Style with vendor prefixes
vendor-payload
Exhibit 21
Style with CSS custom properties
var-payload
Exhibit 22
Style with calc()
calc-payload
Exhibit 23
Boolean attribute variants
Exhibit 24
XSS surfaces (javascript: URLs, onerror)
Exhibit 25
Many single-letter boolean attributes
boolean-spray
Exhibit 26
Long attribute value
long-value
Exhibit 27
Unicode in attribute name and value
unicode-payload
Exhibit 28
Numeric character references
Exhibit 29
Table soup (foster parenting)
stray-text-before-tr stray-text-mid
| cell-A |
| cell-B |
Exhibit 30
Stray list item
Exhibit 31
Form nested oddly
| cell-with-foster-parented-form |
Exhibit 32
Control specimen (well-formed)
A normal paragraph with emphasis and a trailing link.
parser
jsdom
html5