Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inline block code display issue #2322

Closed
Kevan-Y opened this issue Oct 1, 2021 · 3 comments · Fixed by #2337
Closed

Inline block code display issue #2322

Kevan-Y opened this issue Oct 1, 2021 · 3 comments · Fixed by #2337
Assignees
@Kevan-Y
Labels
type: bug Something isn't working

Comments

@Kevan-Y
Copy link
Contributor

Kevan-Y commented Oct 1, 2021

What happened:
This post is not being rendered correctly.
The post contains a single line code
`Closed by <short_name_issue_code>.` in telescope it is render <code>Closed by <short_name_issue_code>.</short_name_issue_code></code>

image

What should have happened:
It should render `Closed by <short_name_issue_code>.`

How to reproduce it (as precise as possible):

Anything else we need to know?:

Environment:

  • OS: Windows 10
  • Browser: Chrome Version 94.0.4606.61
@Kevan-Y Kevan-Y added the type: bug Something isn't working label Oct 1, 2021
@humphd humphd mentioned this issue Oct 1, 2021
Closed
@humphd
Copy link
Contributor

humphd commented Oct 1, 2021

This is a possible duplicate of #1801, #2131, and #2313. I think the solution to this is to fix our sanitize-html logic so that it escapes vs. removes unknown HTML tags.

The first step to solving this is add a failing test in https://github.com/Seneca-CDOT/telescope/blob/124cf42e3e42a89c7181f6eadbbab40669c28aaa/test/sanitize-html.test.js. Something like:

test('unknown tags should get escaped vs. removed', () => {
  const data = sanitizeHTML('<code>Closed by <short_name_issue_code>.</code>');
  expect(data).toBe('<code>Closed by &lt;short_name_issue_code&gt;.</code>');
});

@Kevan-Y has kindly offered to take up the torch and continue fighting this bug.

@Kevan-Y
Copy link
Contributor Author

Kevan-Y commented Oct 5, 2021
edited
Loading

The sanitize-html convert tag like <text> into <text></text> (if adding disallowedTagsMode: 'escape' | 'recursiveEscape' to the config).
I tried to add the suggestion config from the related issue comment. None of those worked.
One solution I found is to convert everything wrapped into <code> ( < will be &lt; > will be &gt;). Then pass to the sanitizeHtml() This way it will not produce the issue above.

@humphd
Copy link
Contributor

humphd commented Oct 5, 2021

I think we have a few bugs here, and your fix for adding disallowedTagsMode: recursiveEscape to the sanitizer might be a good start. I think it would fix some of the cases we have in the linked issues (e.g., React components). Do you want to create a PR just for that bit?

The second thing we should explore is what's happening in https://github.com/Seneca-CDOT/telescope/blob/master/src/backend/utils/html/replace-entities.js, which I suspect is also part of the problem here.

@Kevan-Y Kevan-Y mentioned this issue Oct 5, 2021
Merged
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Kevan-Y Kevan-Y

Labels
type: bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

escape thing inside of code tag Kevan-Y/telescope
2 participants
@humphd @Kevan-Y