Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Html comments are shown in PR and issue descriptions #19195

Closed
viceice opened this issue Mar 24, 2022 · 10 comments · Fixed by #19201
Closed

Html comments are shown in PR and issue descriptions #19195

viceice opened this issue Mar 24, 2022 · 10 comments · Fixed by #19201
Labels
type/bug type/upstream This is an issue in one of Gitea's dependencies and should be reported there
Milestone

Comments

@viceice
Copy link
Contributor

viceice commented Mar 24, 2022

Description

Since v1.16.5 Html comments are shown in PR and issue descriptions, they should be hidden as before.

Reproducer: https://try.gitea.io/viceice/test/issues/1

Gitea Version

1.16.5

Can you reproduce the bug on the Gitea demo site?

Yes

Log Gist

No response

Screenshots

image

Git Version

No response

Operating System

No response

How are you running Gitea?

Official helm chart with slim image

Database

PostgreSQL

@viceice
Copy link
Contributor Author

viceice commented Mar 24, 2022

It seems < is encoded as \x3C 🤔

@xoxys
Copy link
Contributor

xoxys commented Mar 24, 2022

As discussed in the chat:

gitea on  HEAD (e6d46ee) (BISECTING) [$] via 🐹 v1.16.15 via  v16.14.0 took 8s 
❯ git bisect good
f9ea4ab69ae397be4791c2e2ebf59f6cd9e5a6f8 is the first bad commit
commit f9ea4ab69ae397be4791c2e2ebf59f6cd9e5a6f8
Author: techknowlogick <techknowlogick@gitea.io>
Date:   Sat Mar 19 13:46:47 2022 -0400

@viceice
Copy link
Contributor Author

viceice commented Mar 24, 2022

maybe the github.com/yuin/goldmark v1.4.0 to v1.4.8 update?

@viceice
Copy link
Contributor Author

viceice commented Mar 24, 2022

I think this is fixed in a later version

@xoxys
Copy link
Contributor

xoxys commented Mar 24, 2022

Should be a quick fix in this case.

@viceice
Copy link
Contributor Author

viceice commented Mar 24, 2022

When can i expect a fixed gitea version? If it needs some days i would create a small jquery script on page load to fix it temporary

@xoxys
Copy link
Contributor

xoxys commented Mar 24, 2022

Don't know, one of the maintainers could give us a rough timeline.

@viceice
Copy link
Contributor Author

viceice commented Mar 24, 2022

Just ask if it's worth to create the quickfix 🙃

@xoxys
Copy link
Contributor

xoxys commented Mar 24, 2022

Can confirm that updating goldmark fixes the issue:

❯ docker run -v $(pwd):/drone/src --workdir /drone/src -it golang:1.18 bash
root@c5219c2fabbe:/drone/src# go get -u github.com/yuin/goldmark
go: downloading github.com/yuin/goldmark v1.4.11
go: upgraded github.com/yuin/goldmark v1.4.8 => v1.4.11
root@c5219c2fabbe:/drone/src# TAGS="bindata sqlite sqlite_unlock_notify" make build

So you could build it with the fixed version from the release/v1.16 branch on your own.

@viceice
Copy link
Contributor Author

viceice commented Mar 24, 2022

OK, thanks. Will do a jQuery quickfix for now. It's easier, as i already have a custom js file embedded. 😉

$('.task-list-item').contents().each((i, e) => {
  if (e.nodeName === '#text') {
    e.textContent = e.textContent.replaceAll(/\x3C!--.*?-->/g, '')
  }
})

@noerw noerw added dependencies type/upstream This is an issue in one of Gitea's dependencies and should be reported there and removed dependencies labels Mar 24, 2022
@noerw noerw added this to the 1.16.6 milestone Mar 24, 2022
@go-gitea go-gitea locked and limited conversation to collaborators Apr 28, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
type/bug type/upstream This is an issue in one of Gitea's dependencies and should be reported there
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants