Web Dev · March 12, 2025

Don't Leave Debug Notes in Your HTML

By Ellie Marsh

HTML comments are invisible on the page but anyone can read them by opening DevTools. It's one of the most common ways developers accidentally expose sensitive information in production.

Always audit your markup before shipping. A quick search for <!-- in your codebase can save you from a very bad day.