We HTML escape all the text in the shelby comments before rendering them. We then split the comments into two parts (second part hidden) if the comment is longer than 256 characters. This can result in an escape sequence being split into two parts, destroying its meaning to the browser and displaying junk at the end of the first part and beginning of the second part.
We HTML escape all the text in the shelby comments before rendering them. We then split the comments into two parts (second part hidden) if the comment is longer than 256 characters. This can result in an escape sequence being split into two parts, destroying its meaning to the browser and displaying junk at the end of the first part and beginning of the second part.
We should split the comment BEFORE escaping it.