search

microsoft / vscode

Visual Studio Code
https://code.visualstudio.com
MIT License
164.51k stars 29.39k forks source link

[html] handle HTML-escaped characters in links #116840

Open rjgotten opened 3 years ago

rjgotten commented 3 years ago

Issue Type: Bug

Given trivial HTML or XML content that contains a url with a valid entity escape code:

<a href="https://www.example.com/foo.html?bar&amp;baz">Link</a>

Expected behavior The clickable hyperlink directs the user to https://www.example.com/foo.html?bar&baz

Actual behavior The clickable hyperlink directs the user to a corrupted version of the url. The type of corruption differs between XML and HTML document contexts.

In an XML context, &amp; is left verbatim and the clickable link directs the user to https://www.example.com/foo.html?bar&amp;baz.

In an HTML context, the & in the &amp; HTML entity is double-escaped using percentage encoding and the user is directed tohttps://www.example.com/foo.html?bar%26amp%3Bbaz.

Impact Not just limited to HTML or XML documents. Can confirm that among other things, this also breaks <seealso href="..." /> type links in C# XMLDoc. Both the in-document clickable link and the link rendered in the popup documentation tooltip.

VS Code version: Code 1.52.1 (ea3859d4ba2f3e577a159bc91e3074c5d85c0523, 2020-12-16T16:34:46.910Z) OS version: Windows_NT x64 10.0.18363

System Info |Item|Value| |---|---| |CPUs|Intel(R) Xeon(R) CPU E5-1603 v4 @ 2.80GHz (4 x 2794)| |GPU Status|2d_canvas: enabled
flash_3d: enabled
flash_stage3d: enabled
flash_stage3d_baseline: enabled
gpu_compositing: enabled
multiple_raster_threads: enabled_on
oop_rasterization: disabled_off
opengl: enabled_on
protected_video_decode: unavailable_off
rasterization: enabled
skia_renderer: disabled_off_ok
video_decode: enabled
vulkan: disabled_off
webgl: enabled
webgl2: enabled| |Load (avg)|undefined| |Memory (System)|15.92GB (4.23GB free)| |Process Argv|--crash-reporter-id 3bd078e3-b0bf-4d5c-a65c-a246d819c6d9| |Screen Reader|no| |VM|0%|
Extensions (6) Extension|Author (truncated)|Version ---|---|--- alignment|ann|0.3.0 vscode-eslint|dba|2.1.14 DocFX|ms-|0.1.3 csharp|ms-|1.23.2 vetur|oct|0.32.0 material-icon-theme|PKi|4.5.0
gjsjohnmurray commented 3 years ago

Please update to the current release (1.53.2) and re-test.

rjgotten commented 3 years ago

@gjsjohnmurray Just did.

Using 1.53.2, documents in both XML and HTML context act as the previously reported erroneous XML case. That is: &amp; is left verbatim in the url.