search

maubot / gitlab

A GitLab client and webhook receiver for maubot.
GNU Affero General Public License v3.0
95 stars 30 forks source link

Bot is sending illegal html attributes #63

Open krille-chan opened 2 years ago

krille-chan commented 2 years ago

In the Matrix spec it is very hard specified which HTML tags and attributes are allowed in formatted messages. When using the native setInnerHtml method with a node validator in a browser, it complains a lot in the logs which afaik can't be muted:

Removing disallowed attribute <SPAN title="Issues relevant to the frontend team"> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <SPAN title="This issue is intended to be the place for an open discussion about a specific topic."> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <STRONG data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext=""> 2 [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <STRONG data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext=""> 2 [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <STRONG data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext=""> 2 [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <STRONG data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext=""> 2 [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <STRONG data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext=""> 4 [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <STRONG data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext=""> 2 [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <STRONG data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <SPAN title="Issues that are actionable / can be picked up for work"> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <SPAN title="In progress"> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <STRONG data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext=""> 2 [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <STRONG data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <SPAN title="Issues relevant to the frontend team"> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <SPAN title="This issue is intended to be the place for an open discussion about a specific topic."> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <STRONG data-mautrix-exclude-plaintext=""> [main.dart.js:12596:47](https://famedly.gitlab.io/company/frontend/famedly-web/main.dart.js)
Removing disallowed attribute <A data-mautrix-exclude-plaintext="">

Is there an alternative for using "title" or "data-*" attributes?

tulir commented 2 years ago

The Matrix spec doesn't have any hard specification on which HTML tags and attributes are allowed, it only has a recommendation for what to allow when rendering.