-
-
Notifications
You must be signed in to change notification settings - Fork 834
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TextFormatter handling improvements #1516
Comments
in some cases textformatter skip currently there's a way to bypass 65535 limit using some unicodes, which results truncated text, I guess the best solution here would be to make sure post content never truncate. |
/cc @JoshyPHP |
I've updated the renderer to throw an exception if If you feed malformed XML to the renderer, it may return malformed HTML or throw an exception, depending on whether you hit a hot path or a cold one. You'll have to test the XML manually if there's a chance it's malformed. |
1.2.2 has been released and it should detect truncated XML regardless of what code path it takes. It does not validate the XML systematically though, so if the XML is corrupted in any other way than a simple truncation, it will not always detect it. |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Why the comment post validator limits the content to 65535 characters? |
So do we need to do anything else here? posts.content is now MEDIUMTEXT but the PostValidator still limits post content to 65535 characters, then there shouldn't be an issue with database truncation any more. We can make the 65535 limit configurable down the track. |
I think you're right. The validation happens after the content is parsed / transformed by TextFormatter, so this should be fine. |
Would be worth a regression test, though... |
Is it still limited to 65535 characters? |
Yes it's still limited by PostValidator |
The comment post validator limits the content to 65535 characters. The text formatter compiles that text to something it can understand (xml). Storing it to the database could create a truncated value which text formatter can no longer transform back.
We need to tackle this before beta 8, as this has caused some mischievous behavior.
In addition we need to capture any errors text formatter throws while rendering the saved content.
I am pushing this onto beta 8 to prevent abuse of user forums.
Based on research by @sijad
The text was updated successfully, but these errors were encountered: