HTML not escaped in topic titles on /my/activity/posts


(PJH) #1

Continuing the discussion from Code-fence and <pre> formatting require preceding blank lines to render correctly in cooked:

Had reason to go to my activity page, and the above topic has the HTML rendered rather than being escaped…

From Discourse Meta


(Régis Hanol) #2

Thanks for reporting that issue. I just pushed a fix :tiger2:

https://github.com/discourse/discourse/commit/8998a54ce69f8944ba9a0c97f5d0a26896e79f99


(Régis Hanol) #3

(Sam Saffron) #4

will this go weird with smartypants stuff? EG: the title “1 and 1/4”


(Régis Hanol) #5

It doesn’t keep the formatting, but it isn’t butchered either.


(Kane York) #6

For the record: No backport needed, this was introduced in .beta5


(Jeff Atwood) #7

Hmm I think SmartyPants should be working here, too. Anywhere we display titles.


(Kane York) #8

Reopening to allow further discussion. Will re-close in 2 days.


(Kane York) #9

This topic was automatically closed after 2 days. New replies are no longer allowed.