[Bug]: Partisan collective is outputting raw HTML

geeksforsocialchange / PlaceCal

Bring your community together

https://placecal.org

GNU Affero General Public License v3.0

16 stars 6 forks source link

[Bug]: Partisan collective is outputting raw HTML #2472

Open kimadactyl opened 3 months ago

kimadactyl commented 3 months ago

Description

Partisan is getting imported via a Wordpress plugin. This is showing raw HTML tags.

Steps to reproduce

Go to here: https://trans-dimension-manchester.placecal.org/events/381109
See <p> tags in the clear

What you expected to happen

HTML to be properly formatted

Platform (if relevant)

What device and browser were you using?

kimadactyl commented 3 months ago

Possibly for this we need to add a calendar setting to select input type?

kimadactyl commented 3 weeks ago

Can't work out how widespread this is - if theres any other examples please link share here

katjam commented 3 weeks ago

I think it's significant enough even if it is only Partisan, because it's all of their events.

At a minimum we could strip the tags if it's not simple to render the markdown as html.

kimadactyl commented 3 weeks ago

At a minimum we could strip the tags if it's not simple to render the markdown as html.

Theoretically this is how it works already - everything gets put through a bunch of filters to strip out harmful tags, convert to markdown, and convert back to html - something is going awry and it's going to take a lot of faff to unpick it. Still doable obviously but it's not a trivial fix.