You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Setting the room topic to _[I'm $&](http://google.com)_ should produce underlined text "I'm $&" that links to Google.
Instead, it results in this mess in chat: __blank">I'm __room_topic__amp;_, and a slightly different one in the sidebar: https://i.imgur.com/dMa4O2Z.png
Underlining breaks the link parser, getting confused with the _blank target. Bad parameter escaping?
The apostrophe character is incorrectly encoded (applies to other characters too).
The $& sequence becomes __room_topic__amp;, indicating I'm getting some kind of access to internal variables, which I shouldn't be.
There's almostly certainly a lot more issues here.
The text was updated successfully, but these errors were encountered:
JakeSteam
changed the title
Link & character errors when parsing complex room topics
Link parsing & character encoding errors when parsing complex room topics
May 5, 2017
JakeSteam
changed the title
Link parsing & character encoding errors when parsing complex room topics
Link parsing, character encoding, and variable accessing errors when parsing complex room topics
May 5, 2017
Seems like this applies not only to room titles but to links in general. For example posting [a'b](https://hostname.tld) into the chat results in a link named a'b. Looks like the link text is encoded twice.
Rocket.Chat Version: 0.54.2
Setting the room topic to
_[I'm $&](http://google.com)_
should produce underlined text "I'm $&" that links to Google.Instead, it results in this mess in chat:
__blank">I'm __room_topic__amp;_
, and a slightly different one in the sidebar: https://i.imgur.com/dMa4O2Z.png_blank
target. Bad parameter escaping?__room_topic__amp;
, indicating I'm getting some kind of access to internal variables, which I shouldn't be.There's almostly certainly a lot more issues here.
The text was updated successfully, but these errors were encountered: