Category description can create invalid html in summary emails

Using a text pattern like some text ' > some more text in a category description generates invalid html in “Since your last visit” summary emails. It closes the HTML title tag and the text that is supposed to be displayed in the title tag is rendered as text in the email.
To not use .html_safe in lib/category_badge line 77 seems to fix it. This works:
description = category.description_text ? "title='#{category.description_text}'" : ''

https://github.com/discourse/discourse/blob/94d8f6d7342e862a38b9d01d7d9bac556dd038b2/lib/category_badge.rb#L77

1 Like

Removing that might break it somewhere else. I’ll have a look.

3 Likes

Looks like this is fixed. I could reproduce it on an old version, but can’t now.

4 Likes