search

mjmlio / mjml

MJML: the only framework that makes responsive-email easy
https://mjml.io
MIT License
17.08k stars 960 forks source link

Upgraded 3.x->4.x, now "<b>" tags getting escaped? #2771

Closed GeoffreyPlitt closed 11 months ago

GeoffreyPlitt commented 1 year ago

We are upgrading from 3.3.5 to 4.14.1.

Our templates are sometimes escaping tags that used to work. For example, <b>hello</b> used to output as bolded "hello", but now it outputs as &lt;b&gt;hello&lt;/b&gt;.

We weren't able to migrate these situations since many are generated in-code and not sitting in mjml files.

Is there a way to get back the old behavior?

iRyusa commented 1 year ago

Maybe you can provide a snippet to reproduce ? It shouldn’t happen.On 3 Nov 2023, at 20:17, Geoffrey Plitt @.***> wrote: We are upgrading from 3.3.5 to 4.14.1. Our templates are sometimes escaping tags that used to work. For example, "hello" used to output as bolded "hello", but now it outputs as <b>hello</b>. We weren't able to migrate these situations since many are generated in-code and not sitting in mjml files. Is there a way to get back the old behavior?

—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you are subscribed to this thread.Message ID: @.***>

GeoffreyPlitt commented 1 year ago

Here's a portion of the template that might provide enough context (I was wrong that this part is generated in code, this is indeed in a mjml file):

`

Hi {{toUserName}}!

{{title}}

`

It's the <b>{{toUserName}}!</b> part which is getting escaped.

iRyusa commented 1 year ago

There’s no mj-container in your snippet so it’s already MJML 4 code.On 3 Nov 2023, at 20:23, Geoffrey Plitt @.***> wrote: Here's a portion of the template that might provide enough context (I was wrong that this part is generated in code, this is indeed in a mjml file):

Hi {{toUserName}}!

{{title}}

 It's the {{toUserName}}! part which is getting escaped. —Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you commented.Message ID: ***@***.***>
GeoffreyPlitt commented 1 year ago

Not sure I understand, because the problem remains. Instead of actual <b> tags, they're being escaped:

<p style="color: #676767;">&lt;b&gt;username123&lt;/b&gt;</p>

Seems to only happen with <b> tags.

How do we stop this?

GeoffreyPlitt commented 1 year ago

For more context, we wished we could remain on the old version of MJML, but we have to upgrade due to vulnerabilities. So we need to find out how to use 4.x but get the 3.x behavior for bold tags.

iRyusa commented 1 year ago

MJML4 doesn't escape tag as MJML3 was doing.

So it's most likely an issue in your pipeline and not in MJML.

If you just take your code in the try it live https://mjml.io/try-it-live/KDMrqyAL9s you see that everything is fine.

iRyusa commented 11 months ago

I think we can close here as we can't reproduce