New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[subscriptions] Email content corrupted after a [code] block #920
Comments
The actual JavaScript isn't like that, because it is plain text, so the HTML hasn't been parsed.
If I use a beautify-er, the code now looks like this: if ("undefined" !== typeof hljs) hljs._ha();
else if ("undefined" === typeof hljsLoading) {
hljsLoading = 1;
var a = document.getElementsByTagName("head")[0],
e = document.createElement("link");
e.type = "text/css";
e.rel = "stylesheet";
e.href = "//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.0.0/styles/default.min.css";
a.appendChild(e);
e = document.createElement("script");
e.type = "text/javascript";
e.onload = function () {
var d = {}, f = 0;
hljs._hb = function (b) {
b.removeAttribute("data-hljs");
var c = b.innerHTML;
c in d ? b.innerHTML = d[c] : (7 And we can see, that it added the code to highlight the code block 😃 |
afaik, the source of the code is : vendor\s9e\text-formatter\src\Plugins\BBCodes\Configurator\repository.xml (line 53) I didn't know exactly what was this code, but you are right, it is in the block |
I wouldn't think so... |
An interesting news ! I changed the code which extracts this data from : The text of the message was : toto3 The message now contains :
So it is the full CDATA block. And if now I copy below this block, without the back sticks, you will just see the text (toto3) highlighted :
|
Well, this probably references #537, about the HTML emails an all that 😉 |
UPDATE : Yes, you are perfectly right. I understood suddenly what happens, see next post. |
Now what happens is clear. The cause is the following code in newPost.blade.php (see issue #537 for details on this file) : The content of the message is displayed by the following line : This means :
It is just nonsense. Building html code to have a beautiful display, then removing all html codes for security reasons. I think there is no security issue, because all html tags typed by the author of the post are already converted in html entities in the process used by Flarum. If you type conclusion : To fix the present bug :
This will be implemented when #537 will be fixed, and the present bug is only a consequence of #537 Note that in html format, formating (bold, italics, titles, lists, background for quotes, colors...) will be preserved and the text in the email will look veray similar to the text on the forum (provided html formatting is supported by the email program. |
since #537 is still pending, this bug is still pending also. |
@tobscure Shouldn't we use |
And if we simply dump the HTML in those HTML emails, will the script tags cause any problems with email clients? Does anybody know that? I could imagine that could make the messages look suspicious to anti-spam tools. Or is there an easy way to render the HTML without any JS, @JoshyPHP ? |
This issue seems to be present also if a message is quoted in the forum and there is a code |
I had a fix for this lying around for a long time now... 🙈 @PeopleInside Please do me a favor and tell me whether this commit fixes the issue for you. |
I think the same issue might be there in the mentions extension as well? |
@matteocontrini Yes, I am just waiting for confirmation (and also testing myself right now) before pushing the fixes there. Likely fixing #537 in the process. :) |
For me seems not work but not sure. but quoted test still have issue on the forum and on the email if code is present. I changed only the file fixed by @franzliedke |
Hmm... it works locally. Please clear your cache. |
Must be a cache or op-cache issue on your server. For me, the issue is fixed on dev-master. |
Refs flarum/framework#920. Possibly fixing flarum/framework#537.
Issue resolved in email but still be present on forum post if text with code is quoted. Visual issue on the forum. You can see the issue here: https://discuss.flarum.org/d/17993-broke-quote-test @franzliedke |
Refs flarum/framework#920. Possibly fixing flarum/framework#537.
Refs flarum/framework#920. Possibly fixing flarum/framework#537.
This bug was tested locally and also on the sandbox of discussion.flarum.org.
Simple to reproduce :
[code]OK[/code]
or anything which contains a code block.
See example here : https://discuss.flarum.org/d/2451-lol/9
In the email received to inform that there was a new post, the text is correct until the end of the code block. Immediately after, there is a sequence of a js file (always the same sequence exactly, even after recompiling). The text following the code block is not present in the email.
In the example on the sandbox, here is the email I received :
The same thing happens if you create a code block by an indent (four spaces).
The text was updated successfully, but these errors were encountered: