[HOLD for payment 2023-11-09] [$500] Chat - The HTML code of the avatar is copied when copying the login name

[lanitochka17]

If you haven’t already, check out our contributing guidelines for onboarding and email [email protected] to request to join our Slack channel!

---

Version Number: 1.3.86-4

Reproducible in staging?: Yes

Reproducible in production?: Yes

If this was caught during regression testing, add the test name, ID and link from TestRail:

Email or phone of affected tester (no customers):

Logs: https://stackoverflow.com/c/expensify/questions/4856

Expensify/Expensify Issue URL:

Issue reported by: Applause - Internal Team

Slack conversation:

Action Performed:

1. Open https://staging.new.expensify.com/
2. Log in with HT account
3. Navigate to any conversation with the user
4. Copy the login in the title of the conversation by highlighting the text from right to left and moving the mouse cursor over the avatar a little.
5. Paste the copied login into the login box on the main login page, you can go incognito.

Steps 2:

1. Open https://staging.new.expensify.com/
2. Log in with HT account
3. Navigate to the conversation with the user with whom you have correspondence history
4. Click the login in the conversation header
5. Triple-click the email address in the Email field in RHP.
6. Copy the highlighted text
7. Paste the text into the Compose Box

Expected Result:

When copying an account login through the conversation header, the avatar HTML code should not be copied to the buffer

Actual Result:

When copying the account login through the conversation header, the HTML code of the avatar is placed in the buffer

Workaround:

Unknown

Platforms:

Which of our officially supported platforms is this issue occurring on?

• Android: Native
• Android: mWeb Chrome
• iOS: Native
• iOS: mWeb Safari
• MacOS: Chrome / Safari
• MacOS: Desktop

Screenshots/Videos

Android: Native

Android: mWeb Chrome

iOS: Native

iOS: mWeb Safari

MacOS: Chrome / Safari

MacOS: Desktop

Bug6242259_1697662281250.Recording__553.mp4

View all open jobs on GitHub

Upwork Automation - Do Not Edit

• Upwork Job URL: https://www.upwork.com/jobs/~01cbaee99371cf5444
• Upwork Job ID: 1714763515875631104
• Last Price Increase: 2023-10-25

[melvin-bot]

Triggered auto assignment to @bfitzexpensify (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details.

[melvin-bot]

Job added to Upwork: https://www.upwork.com/jobs/~01cbaee99371cf5444

[melvin-bot]

Bug0 Triage Checklist (Main S/O)

• This "bug" occurs on a supported platform (ensure Platforms in OP are ✅)
• This bug is not a duplicate report (check E/App issues and #expensify-bugs)
  • If it is, comment with a link to the original report, close the issue and add any novel details to the original issue instead
• This bug is reproducible using the reproduction steps in the OP. S/O
  • If the reproduction steps are clear and you're unable to reproduce the bug, check with the reporter and QA first, then close the issue.
  • If the reproduction steps aren't clear and you determine the correct steps, please update the OP.
• This issue is filled out as thoroughly and clearly as possible
  • Pay special attention to the title, results, platforms where the bug occurs, and if the bug happens on staging/production.
• I have reviewed and subscribed to the linked Slack conversation to ensure Slack/Github stay in sync

[melvin-bot]

Triggered auto assignment to Contributor-plus team member for initial proposal review - @parasharrajat (External)

[ashuvssut]

Proposal

This GitHub issue consists of 2 issues. I have divided my proposal into 2 sections: PART 1 and PART 2 for that purpose

PART 1: focuses on the first issue

Please re-state the problem that we are trying to solve in this issue.

When selecting the text along with the avatar svg, the styling code present within the avatar svg is also getting copied

Root cause

Here's a Video with voiceover explaining the Root cause. It's also explaining how my proposed solution works

Please unmute the audio in the following video

solution.mp4

Video Summary:
When we make a selection of the text starting from the right and all the way to the left, releasing our selection when hovering upon the svg, we are essentially selecting the text + styling code present within the svg. Thus, when we copy that selection, we end up with selecting the undesired svg styling code too.

See my proposed solution below:-

My solution that fixes this issue:-

App/src/components/Avatar.js

Lines 96 to 109 in 5d9649c

	<View style={iconStyle}>
	<Icon
	src={imageError ? fallbackAvatar : props.source}
	height={iconSize}
	width={iconSize}
	fill={imageError ? themeColors.offline : iconFillColor}
	additionalStyles={[
	StyleUtils.getAvatarBorderStyle(props.size, props.type),
	isWorkspace ? StyleUtils.getDefaultWorkspaceAvatarColor(props.name) : {},
	imageError ? StyleUtils.getBackgroundColorStyle(themeColors.fallbackIconColor) : {},
	...props.iconAdditionalStyles,
	]}
	/>
	</View>

Add a sibling component with the <Icon> component that acts as a layer above that SVG avatar component. This prevents us from selecting the syling code present within the svg element.

   97                  <Icon
   ...                    src={imageError ? fallbackAvatar : props.source}
   ...                    .....
   ...                    .....
   ...                    .....
   108                 />
+  109                 <View style={StyleSheet.absoluteFill} />

PART 2: focuses on the second issue

The second issue is reproducible in staging only. This is not reproducible in development

Its not reproducible in dev, but I still have a good idea of what's causing it

1. When you copy the email from the RHN, you are somehow also copying the data-testid attribute's value
   

2. When you paste the copied content in the browser's address bar, that <_a Icon> is not included in the final pasted text

3. When you paste the copied conent in the Compose text area, the <_a Icon> is included in the final pasted text. I think this issue is related to the compose textarea content renderering logics

watch the video to cross check the facts that I mentioned above

demo.mp4

[bernhardoj]

The first issue is the same issue as #24399 which was closed.

[ashuvssut]

Along with this current issue, the following 3 issues could be fixed by using @bernhardoj 's solution:-

1. [$1000] Chat - Copy-pasting emoji names with keyboard shortcut doesn't paste the right emoji name #24399
2. Web - Copied text from Invite screen contain names of the avatars when paste to Notepad #27723
3. [$500] double click copy emoji text from emoji reaction popup copies extra text #29793

We just need to add these 3 lines in SelectionScraper/index.js

const replaceNodes = (dom, isChildOfEditorElement) => {
    let domName = dom.name;
    let domChildren;
    const domAttribs = {};
    let data;

+   if (dom.type === 'style') {
+      return {};
+   }

I am just a newbie contributor here, but I personally think that the solution I provided by using a sibling <View > is not that good as compared to @bernhardoj 's solution

[shamerKill]

You can use the shadow tag in HTML to block it.
Determine whether to enable shadow tags on the web client.

2023-10-20.13.43.58.mov

[melvin-bot]

📣 @shamerKill! 📣
Hey, it seems we don’t have your contributor details yet! You'll only have to do this once, and this is how we'll hire you on Upwork.
Please follow these steps:

1. Make sure you've read and understood the contributing guidelines.
2. Get the email address used to login to your Expensify account. If you don't already have an Expensify account, create one here. If you have multiple accounts (e.g. one for testing), please use your main account email.
3. Get the link to your Upwork profile. It's necessary because we only pay via Upwork. You can access it by logging in, and then clicking on your name. It'll look like this. If you don't already have an account, sign up for one here.
4. Copy the format below and paste it in a comment on this issue. Replace the placeholder text with your actual details.
   
   Format:

Contributor details
Your Expensify account email: <REPLACE EMAIL HERE>
Upwork Profile Link: <REPLACE LINK HERE>

[shamerKill]

Contributor details
Your Expensify account email: [email protected]
Upwork Profile Link: https://www.upwork.com/freelancers/~01862f4789afd10ee6

[melvin-bot]

✅ Contributor details stored successfully. Thank you for contributing to Expensify!

[parasharrajat]

Interesting. why are we enforcing HTML selection for these elements?

[shamerKill]

Interesting. why are we enforcing HTML selection for these elements?

Isn't it the simplest way to create tags only for browsers by judging the platform.

[shamerKill]

Interesting. why are we enforcing HTML selection for these elements?

Isn't it the simplest way to create tags only for browsers by judging the platform.

We just need to wrap it up.

import React from 'react';
import {Platform} from 'react-native';

function Shadow (props) {
    const isWeb = Platform.OS === 'web';
    if (isWeb) {
        return <shadow>{props.children}</shadow>
    } else {
        return props.children;
    }
}

export default Shadow;

[melvin-bot]

@parasharrajat, @bfitzexpensify Whoops! This issue is 2 days overdue. Let's get this updated quick!

[parasharrajat]

So I can see now why the issue is coming. To me, this is a valid issue because we are manipulating the selection thus we should fix it.

I checked old issues as well and it seems that there was no clear conclusion on why they were ignored. The only reason was that reproduction is an edge case which does not convince me. Now we have multiple reproductions.

Also, @bernhardoj's proposal makes the most sense. It proposes a simple solution and IMO makes the best fit for the problem.

Still I have a few questions before I move so let's get those cleared first.

[parasharrajat]

IMO, this issue comes down to this line

App/src/hooks/useCopySelectionHelper.ts

Line 18 in 60576fe

Clipboard.setHtml(selection, parser.htmlToText(selection));

.

We shouldn't be worried about the tags being parsed in the getHTMLSelection, the browser has native handling for all tags so it will itself filter style tags when pasted into a normal text input like many other HTML tags. It will only paste the text.

Now, I see that we are manipulating the selection in the above-linked code and setting the text/html and text/plain parts in the clipboard.

Our parser should have filtered the style tags while converting the HTML to text. But it seems it is failing to do so in this case.

Issue 2 explanation #29921 (comment)

I think the following changes should be made to fix this issue completely.

1. We should prevent domName conversion with testId when a testID contains an Icon. we are setting custom testids for SVG elements to enable unit testing [Accessibility Labels] Localise accessibility labels and update texts accordingly. #16553 but it forces out replaceNodes function to create an incorrect element

   App/src/libs/SelectionScraper/index.js

   Line 118 in dd0d98f

   domName = dom.attribs[tagAttribute];

   . There might more such cases but we can focus only on skipping svg icon for now.

2. Update parser.HtmlToText to exclude style tags completely.

@bernhardoj's solution 3 works no doubt but I will still like to see analysis on point 2 above.

@bernhardoj Are you interested in looking into this?

---

Edit:

I just found out that parser.htmlToText does not skip style tags. Looking into why don't we skip style tags. IMO, it should filter style tags as well.

[bernhardoj]

@parasharrajat I'm only interested in the first issue because I can't reproduce the 2nd one.

We shouldn't be worried about the tags being parsed in the getHTMLSelection, the browser has native handling for all tags so it will itself filter style tags when pasted into a normal text input like many other HTML tags.

This isn't true. window.getSelection will include the style tag too. In fact, it includes any HTML tag. replaceNodes is responsible for selecting only an element with the type of text, and as I mentioned in my proposal:

The problem is, inline style text is also a type of text, thus the Avatar SVG inline style text content is also included.

It's not parser.htmlToText responsibility to filter out the style tag. Its responsibility is to convert HTML tags to plain text.

[parasharrajat]

This isn't true. window.getSelection will include the style tag too. In fact, it includes any HTML tag. replaceNodes is responsible for selecting only an element with the type of text, and as I mentioned in my #24399 (comment):

I think you misunderstood my comment. I am saying that when pasted browser will skip non-visual elements from being pasted into the input. It will filter style tags as well.

It's not parser.htmlToText responsibility to filter out the style tag. Its responsibility is to convert HTML tags to plain text.

The code might be saying so but it is focused on our parser, not a generalized HTML-to-text solution. So the question is Should our parser convert style tags to text as well? It shouldn't, IMO.

However, I am stunned to see that we are not filtering style tags in htmlToText rules. There might be some history to it. I will try to look into this.

[bernhardoj]

Ah, I see. I think it might be debatable whether we should filter out the style tag on htmlToText or replaceNodes.

[parasharrajat]

Asking here https://expensify.slack.com/archives/C01GTK53T8Q/p1698215792235109

[bernhardoj]

The PR for ExpensiMark is here Expensify/expensify-common#593

cc: @parasharrajat

[bernhardoj]

Oh, it's merged already. Preparing the App PR...

[parasharrajat]

Great.

[bernhardoj]

PR is ready

cc: @parasharrajat

[melvin-bot]

Reviewing label has been removed, please complete the "BugZero Checklist".

[melvin-bot]

The solution for this issue has been 🚀 deployed to production 🚀 in version 1.3.94-2 and is now subject to a 7-day regression period 📆. Here is the list of pull requests that resolve this issue:

• Fix selection includes SVG style and data-testid value #30476

If no regressions arise, payment will be issued on 2023-11-09. 🎊

After the hold period is over and BZ checklist items are completed, please complete any of the applicable payments for this issue, and check them off once done.

• External issue reporter
• Contributor that fixed the issue
• Contributor+ that helped on the issue and/or PR

For reference, here are some details about the assignees on this issue:

• @parasharrajat does not require payment (Eligible for Manual Requests)
• @bernhardoj requires payment

[melvin-bot]

BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:

• [@parasharrajat] The PR that introduced the bug has been identified. Link to the PR:
• [@parasharrajat] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment:
• [@parasharrajat] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion:
• [@parasharrajat] Determine if we should create a regression test for this bug.
• [@parasharrajat] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.
• [@bfitzexpensify] Link the GH issue for creating/updating the regression test once above steps have been agreed upon:

[bfitzexpensify]

Payment summary:

Contributor: @bernhardoj to be paid $500 via Upwork
C+: @parasharrajat to be paid $500 via manual request

[melvin-bot]

@johnmlee101, @parasharrajat, @bfitzexpensify, @bernhardoj Uh oh! This issue is overdue by 2 days. Don't forget to update your issues!

[melvin-bot]

@johnmlee101, @parasharrajat, @bfitzexpensify, @bernhardoj Whoops! This issue is 2 days overdue. Let's get this updated quick!

[parasharrajat]

BugZero Checklist: The PR fixing this issue has been merged! The following checklist (instructions) will need to be completed before the issue can be closed:

• [@parasharrajat] The PR that introduced the bug has been identified. Link to the PR: Selection scraper created and integrated to project #6732
• [@parasharrajat] The offending PR has been commented on, pointing out the bug it caused and why, so the author and reviewers can learn from the mistake. Link to comment: Selection scraper created and integrated to project #6732 (comment)
• [@parasharrajat] A discussion in #expensify-bugs has been started about whether any other steps should be taken (e.g. updating the PR review checklist) in order to catch this type of bug sooner. Link to discussion: Not required. It has been discussed a few times that we should create a ruleset for HTMLparser which should be strictly followed while making changes to it. I think it is still pending.
• [@parasharrajat] Determine if we should create a regression test for this bug. Yes
• [@parasharrajat] If we decide to create a regression test for the bug, please propose the regression test steps to ensure the same bug will not reach production again.

Regression Test Steps

Web/Desktop/mWeb

1. Open any chat with a default avatar.
2. Do a text selection on the chat header by dragging it from the right of the title to the left of the avatar.
3. Copy it via shortcuts.
4. Paste it on any text field, except the composer.
5. Verify that the pasted text doesn't contain some random style text.

---

1. Open any chat
2. Press the header to open the profile page
3. Do a text selection on the email by dragging it from the left of the email to the right of the copy icon
4. Copy it
5. Paste it on the composer
6. Verify the pasted text doesn't contain <_a Icon> text.

Do you agree 👍 or 👎 ?

[parasharrajat]

Payment requested as per #29921 (comment)

[JmillsExpensify]

$500 approved for @parasharrajat