No internet connection
  1. Home
  2. Support

Formatting code in upsert API changes ">" to HTML escaped version thereof ">"

By Christian Scheuer @chrscheuer2020-06-27 10:38:49.611Z
  • 2 replies
  1. KajMagnus @KajMagnus2020-06-28 13:38:19.044Z

    It seems to me that Talkyard got < in the uploaded CommonMark source already. When I look at the page source, I see:

        //Try to see if waiting for ...
        //so that it would be safe to ...
        retry(() => sf.ui.proTools.  ...
        //Now try clearing it...
        retry(() => {
            var menuItem;

    But Talkyard shoulnd't process the source — it just saves it as is, and then converts & sanitizes to HTML.
    Now, since < is in the source already, I'm wondering if SoundFlow's server actually sends < to Talkyard.

    SoundFlow doesn't do any HTML escaping of its own, before posting to Ty?
    Could possibly a React editor component SoundFlow uses, do its own HTML escaping?

    A bit further down also " gets escaped — I suppose all of < & " get escaped:

        //Close the dialog
                menuPath: [&quot;Window&quot;, ...],

    There's something unusual with how the code block ends — in the CommonMark source, there's this:


    So, both ``` and </code></pre>. I would-think-that / wonder-if that was included in the API request from the start already.

    1. CChristian Scheuer @chrscheuer2020-07-11 11:43:43.776Z

      Thanks Magnus, that sounds about right. Sorry for the inconvenience, I'll double check on our end.