Skip to content

Fix unescaping of HTML characters <> in CodeHilite. #990

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jun 29, 2020
Merged

Fix unescaping of HTML characters <> in CodeHilite. #990

merged 2 commits into from
Jun 29, 2020

Conversation

aero31aero
Copy link
Contributor

Previously, we'd unescape both &amp;gt; and &gt; to the same
string because we were running the & => & replacement first.
By changing the order of this replacement, we now convert:

&amp;gt; &gt; => &gt; >

as expected.

Fixes #988.

aero31aero added a commit to aero31aero/zulip that referenced this pull request Jun 25, 2020
@cheald @aero31aero
markdown: Escape HTML entities in inline code blocks.
c2755dc 
This fixes an issues that causes HTML entities inside of inline code
blocks to be converted rather than being displayed literally.

The upstream python-markdown now handles this correctly, so we just use
their implementation with our changes for removing .strip(). As a result
of this migration, we switch backtick pattern to an inline processor
too.

Fixes zulip#12056.

For the codeblock counterpart of this issue, we should follow the
upstream PR Python-Markdown/markdown#990.

Co-authored-by: Rohitt Vashishtha <[email protected]>
timabbott pushed a commit to zulip/zulip that referenced this pull request Jun 25, 2020
@cheald @aero31aero @timabbott
markdown: Escape HTML entities in inline code blocks.
42f2399 
This fixes an issues that causes HTML entities inside of inline code
blocks to be converted rather than being displayed literally.

The upstream python-markdown now handles this correctly, so we just use
their implementation with our changes for removing .strip(). As a result
of this migration, we switch backtick pattern to an inline processor
too.

Fixes #12056.

For the codeblock counterpart of this issue, we should follow the
upstream PR Python-Markdown/markdown#990.

Co-authored-by: Rohitt Vashishtha <[email protected]>
@andersk andersk mentioned this pull request Jun 25, 2020
Closed
@waylan
Copy link
Member

waylan commented Jun 26, 2020
edited
Loading

This looks good. Thank you. With a comment added to the release notes, this can be merged.

@waylan waylan added the requires-changes Awaiting updates after a review. label Jun 26, 2020
@aero31aero
Fix unescaping of HTML characters <> in CodeHilite.
1edd96b 
Previously, we'd unescape both `&amp;gt;` and `&gt;` to the same
string because we were running the &amp; => & replacement first.
By changing the order of this replacement, we now convert:

`&amp;gt; &gt;` => `&gt; >`

as expected.

Fixes Python-Markdown#988.
@aero31aero
Copy link
Contributor Author

@waylan I added a line to the changelog. This is ready for review.

@waylan waylan merged commit 071c4f1 into Python-Markdown:master Jun 29, 2020
@waylan waylan added approved The pull request is ready to be merged. and removed requires-changes Awaiting updates after a review. labels Jun 29, 2020
@andersk andersk mentioned this pull request Nov 23, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
approved The pull request is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

HiliteTreeprocessor doesn't leave escaped HTML entities intact.
2 participants
@aero31aero @waylan