Fix the escapeAttribute function using HTML entities instead of backslash escapes #6206
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
HTML attributes used for rendering embeds break if they contain double quote characters. The commit edc6952 attempts to address this issue using backslash escapes. However, this does not work because inserting backslash characters does not actually escape the problematic double quote character from the HTML value.
The current, resultant behavior is that the truncated description gets cut short early after the first backslash character, terminating where the double quote character would be.
The expected behavior is for the truncated description to render with the embed in its entirety.
.
This would require for double quote characters to be replaced with the
"
HTML entity instead of being backslash-escaped, which is what this PR does.Related issues
#6205
Has this been tested?
Sorry, I'm not sure which box I should check here. I'm really new to GitHub and any kind of code dev in general if I'm being quite honest, and parts of the testing guide still go over my head.
I have tested this fix on my own personal PeerTube server. My fix can be confirmed by checking the HTML meta tags for this video and then posting that link somewhere that would generate an embed that contains the truncated description. The example I used in my screenshots is Discord.
A video on any other PeerTube server with a similar description to mine would have its embed's description terminate early at the first double quote character.