Comments: Inconsistent tag-stripping

supernovia commented 6 years ago

Steps to reproduce

Start by commenting on a test site using some HTML tags. Use some that are traditionally allowed and some that are not. For example:

<h1>A header</h1>
Some <strong>strong</strong> text
<div>A div with a <a href="#" rel="nofollow">link</a></div>

Note that, at least in Twenty Seventeen, the HTML is posted in the front end of the comment as well as the back end.
Go to https://wordpress.com/comments/ and try editing that comment to add another word or something. Save the changes, and watch what happens to the tag.

What I expected

I expected the disallowed tags might be removed, but they were not removed in Chrome on Mac.
The user expected the tags would stay, but they were stripped in Chrome on Windows 10.

What happened instead

In Chrome (latest) on Mac, the tags are not stripped on edit.

On Windows 10 (in Firefox and in Chrome), and in Firefox on Mac, the heading and div tags are stripped.

The tags are not stripped when editing the comment in wp-admin, regardless of browser.

Browser / OS version

(see above)

Screenshot / Video

https://cloudup.com/cuTat86FJiO

Context / Source

User complaint in forum

gwwar commented 6 years ago

Might also be a chance to use the DomParser in the editor as noted in https://github.com/Automattic/wp-calypso/pull/22331#discussion_r168575005

synora commented 5 years ago

I've had a user report this in chat today. The HTML markdown for their comments in Calypso aren't saving, but it works as expected within wp-admin.

User also recorded this event: https://www.youtube.com/watch?v=MeaDUhHBSSQ&feature=youtu.be

Chat: 70563-hc Follow Up Ticket: 1910665-zen

gwwar commented 5 years ago

@synora do you mind opening a separate enhancement issue for markdown support?

synora commented 5 years ago

@gwwar Done! https://github.com/Automattic/wp-calypso/issues/31779

Lazza commented 5 years ago

@gwwar it's a good idea to have a separate bug report. However, the issue I have reported has the same underlying cause: the HTML gets stripped at the end.

So the Markdown gets converted to HTML and then it's stripped. The video I provided, in fact, shows HTML contents being inserted via the toolbar and getting stripped.

I am astonished that this kind of behavior has being there on WordPress.com for so long. It's literally a user-content focused SaaS. Users leave comments using the comment form (which is based on this buggy implementation). They do not (nor cannot) use wp-admin to correctly format their own content.

Lazza commented 5 years ago

Sorry to ask, but is Automattic even considering this bug?

github-actions[bot] commented 3 years ago

This issue is stale because it has been 180 days with no activity. You can keep the issue open by adding a comment. If you do, please provide additional context and explain why you’d like it to remain open. You can also close the issue yourself — if you do, please add a brief explanation and apply one of relevant issue close labels.

Lazza commented 3 years ago

This issue is still present and it would be great if it gets fixed.

github-actions[bot] commented 3 years ago

This issue is stale because it has been 180 days with no activity. You can keep the issue open by adding a comment. If you do, please provide additional context and explain why you’d like it to remain open. You can also close the issue yourself — if you do, please add a brief explanation and apply one of relevant issue close labels.

Lazza commented 3 years ago

Good grief... 😞

github-actions[bot] commented 2 years ago

This issue is stale because it has been 180 days with no activity. You can keep the issue open by adding a comment. If you do, please provide additional context and explain why you’d like it to remain open. You can also close the issue yourself — if you do, please add a brief explanation and apply one of relevant issue close labels.

Lazza commented 2 years ago

It's a bit weird to see that this bug was not considered in over 4 years.

Recently I switched from being a paying user of WP.com (for several years) to hosting WP myself. If customers do not get any kind of support, it's not worth paying for it.

github-actions[bot] commented 2 years ago

This issue is stale because it has been 180 days with no activity. You can keep the issue open by adding a comment. If you do, please provide additional context and explain why you’d like it to remain open. You can also close the issue yourself — if you do, please add a brief explanation and apply one of relevant issue close labels.

cuemarie commented 1 year ago

👋 Hey folks! Since this issue has been inactive for quite some time, KitKat has made the decision to close it.

Internal reference, for more on this decision: pdqkMK-14B-p2

If you think this issue warrants another look, here are some next steps!

Report anew: A new report with more current details and steps to replicate may be the best way to renew attention on this issue. Feel free to refer back to this closed issue in your report!
Reopen: If you feel the issue still matches the context/history here, you can also reopen the issue and add fresh logs, screenshots and steps to reproduce.

Thanks for your involvement!

📌 ADDITIONAL NOTES

While reviewing for closure, I ran a quick test on a test site using Firefox 116.0.2 (64-bit) on Mac OS 13.4.1 using the sample comment above. Tags present did not change from editing the comment via calypso. This issue may have seen improvement through other updates over time.

github-actions[bot] commented 1 year ago

Support References

This comment is automatically generated. Please do not edit it.

[ ] 1910665-zen

Automattic / wp-calypso