HTML entities are not being parsed properly in featured topic titles in user profiles, i.e.
How to start building stuff for Discourse if you’re newbie (like myself)
See e.g. Profile - angus - Discourse Meta
HTML entities are not being parsed properly in featured topic titles in user profiles, i.e.
How to start building stuff for Discourse if you’re newbie (like myself)
See e.g. Profile - angus - Discourse Meta
One for @markvanlan perhaps?
I just merged a commit to fix this. Just an extra set of {}
!
Are we sure this does not open us up to XSS problems if there is html code in the title of the topic?
I confirmed that fancy_title
is escaped, and does not open us up to XSS issues. I had just assumed that was the case, so I appreciate the question.