Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rich text editor corrupts images with UTF-8 SVG data URIs #8736

Closed
personalizedrefrigerator opened this issue Aug 26, 2023 · 4 comments · Fixed by #9801
Closed

Rich text editor corrupts images with UTF-8 SVG data URIs #8736

personalizedrefrigerator opened this issue Aug 26, 2023 · 4 comments · Fixed by #9801
Assignees
Labels
backlog We'll get to it... eventually... bug It's a bug desktop All desktop platforms editor upstream There's a problem with upstream code.

Comments

@personalizedrefrigerator
Copy link
Collaborator

Environment

Joplin version: 4e25377
Platform: Desktop
OS specifics: Ubuntu 23.04

Steps to reproduce

  1. Create a new note
  2. Open the note in the markdown editor
  3. Set the note's content to
<img src="data:image/svg+xml;utf8,<svg width=&quot;1700&quot; height=&quot;1536&quot; xmlns=&quot;http://www.w3.org/2000/svg&quot;> <path d=&quot;m0,0 l100,1000 l200,0 z&quot;/> </svg>">
  1. Switch to the rich text editor
  2. Edit the note
  3. Switch back to the markdown editor

Describe what you expected to happen

The image should be preserved.

Related

#8735 (not loaded resources are represented partially with image tags with UTF-8 SVG data URIs).

@personalizedrefrigerator personalizedrefrigerator added the bug It's a bug label Aug 26, 2023
@laurent22 laurent22 added desktop All desktop platforms editor high High priority issues labels Aug 26, 2023
@laurent22
Copy link
Owner

I think that's purposely disabled by the sanitizer for security reasons?

@personalizedrefrigerator
Copy link
Collaborator Author

The current output after converting from HTML->MD->HTML is

<img src="data:;base64,<svg width=" 1700"="" height="1536" xmlns="http://www.w3.org/2000/svg">

Note that it does render correctly in the HTML viewer:

screenshot of rendered HTML

@adrianvg
Copy link

adrianvg commented Oct 2, 2023

I think that's purposely disabled by the sanitizer for security reasons?

Seeing this too, but don't understand why this is.
Is the sanitizer I can disable or tweak?

I'm and enduser BTW. :-)

@personalizedrefrigerator
Copy link
Collaborator Author

It looks like this is an upstream bug and was fixed in TinyMCE 6.1. Thus, upgrading TinyMCE should fix this issue.

personalizedrefrigerator added a commit to personalizedrefrigerator/joplin that referenced this issue Jan 29, 2024
@laurent22 laurent22 added upstream There's a problem with upstream code. backlog We'll get to it... eventually... and removed high High priority issues labels Feb 2, 2024
laurent22 pushed a commit that referenced this issue Feb 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backlog We'll get to it... eventually... bug It's a bug desktop All desktop platforms editor upstream There's a problem with upstream code.
Projects
None yet
3 participants