Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Quote marks in Inline code are interpreted #6592

Closed
doctorwho92 opened this issue Apr 4, 2017 · 1 comment
Closed

Quote marks in Inline code are interpreted #6592

doctorwho92 opened this issue Apr 4, 2017 · 1 comment
Assignees
@rodrigok
Labels
feat: message type: bug

Comments

@doctorwho92
Copy link

Rocket.Chat Version: 0.54.2
Running Instances: 2
DB Replicaset OpLog:
Node Version: v4.8.1

This inline code, encapsulated in three back ticks:
export HISTTIMEFORMAT="%F %T "
export HISTFILESIZE=
export HISTSIZE=

turns into:
export HISTTIMEFORMAT="%F %T "
export HISTFILESIZE=
export HISTSIZE=

i.e. the quote marks are converted into "
@gdelavald gdelavald mentioned this issue Apr 8, 2017
Closed
@gdelavald
Copy link
Contributor

gdelavald commented Apr 8, 2017
edited
Loading

This looks very similar to the issue with the missing http in the start of the string, because here the first line is being considered the lang for the code block, and because of this is not being unescaped when returning:

	if singleLine
		lang = ''
		code = _.unescapeHTML codeMatch[1] + codeMatch[2]
	else
		lang = codeMatch[1]
		code = _.unescapeHTML codeMatch[2]
...

I think adding the unescape to the codeMatch[1] that is being set as lang will fix this.

Edit:
Please note that, this could cause some issues when the lang should not be escaped, feel free to criticise this solution and point possible exploits of this.

@gdelavald gdelavald mentioned this issue Jun 30, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rodrigok rodrigok

Labels
feat: message type: bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rodrigok @gdelavald @doctorwho92 @MartinSchoeler