`link_shared` event mangles the URL

[JonasOlson]

Description

When subscribing to link_shared events, the URLs received in the event aren't always exactly what was written in the message. Specifically, & turn into &, as if having been through HTML character encoding, but never converted back.

What type of issue is this? (place an x in one of the [ ])

• [x] bug
• [ ] enhancement (feature request)
• [ ] question
• [ ] documentation related
• [ ] testing related
• [ ] discussion-

Requirements

• [x] I've read and understood the Contributing guidelines and have done my best effort to follow them.
• [x] I've read and agree to the Code of Conduct.
• [x] I've searched for any related issues and avoided creating a duplicate issue.

Bug Report

Reproducible in:

slackeventsapi version: 2.1.0 python version: 3.6.7 OS version(s): Ubuntu 18.04.2

Steps to reproduce:

1. Set your Slack app to subscribe to link_shared events for the domain example.com.
2. Have your Slack app to print out incoming events. (See below for an example app to use.)
3. In Slack, write a message consisting of the string https://example.com/?a=0&b=1.

Expected result:

The URL field of the received event holds the unmodified URL https://example.com/?a=0&b=1.

Actual result:

The URL field of the received event holds https://example.com/?a=0&b=1.

Example of received event:

{'channel': 'C1TT2EJ7K',
           'links': [{'domain': 'example.com',
                      'url': 'https://example.com/?a=0&b=1'}],
           'message_ts': '1553472186.004100',
           'type': 'link_shared',
           'user': 'U1TT79QSE'}

Attachments:

App code to reproduce the issue:

#!/usr/bin/env python3                                                                               

from slackeventsapi import SlackEventAdapter                                                         
import os                                                                                            
from pprint import pprint                                                                            

slack_signing_secret = os.environ["SLACK_SIGNING_SECRET"]                                            
slack_events_adapter = SlackEventAdapter(slack_signing_secret, "/slack/events")                      

# Subscribe to, and print, incoming link events.                                                     
@slack_events_adapter.on('link_shared')                                                              
def link_shared(event_data):                                                                         
    pprint(event_data['event'])                                                                      

# Start server with a `/slack/events` endpoint.                                                      
slack_events_adapter.start(port=8000)

Edit: Changed two occurrences of "client" to "app", which is what I meant to say all along.

Edit: Fixed typo "ap" → "app".

[wittekm]

(Hello! I've also encountered this.)

[seratch]

Thanks for reporting this issue. I dug into this and found it's a known server-side issue.

I'm sorry to say, but server-side engineering teams don't have immediate plans to fix this. Also, I think having some hidden modification of payloads in this library may bring unnecessary complexity to developers. So, regarding this, I'm not planning to make any changes to this library side.

As a simple workaround, please consider using html.unescape(str) method to get the original URLs. Similarly, HTMLParser.unescape(str) is available for Python 2.7.

(env) $ python
>>> import html
>>> html.unescape("https://www.example.com/?foo=bar&baz=123")
'https://www.example.com/?foo=bar&baz=123'

For your information, the structure of the payload is as below:

{
    "token": "xxx",
    "team_id": "T111",
    "api_app_id": "A111",
    "event": {
        "type": "link_shared",
        "user": "U111",
        "channel": "C111",
        "message_ts": "1591946049.006100",
        "links": [
            {
                "url": "https://www.example.com/?foo=bar&baz=123",
                "domain": "example.com"
            },
            {
                "url": "https://www.example.com/?foo=bar&baz=123",
                "domain": "example.com"
            }
        ],
        "event_ts": "1591946049.870607"
    },
    "type": "event_callback",
    "event_id": "Ev111",
    "event_time": 1591946049,
    "authed_users": [
        "U111",
        "U222"
    ]
}

We leave this issue open until the issue on the server-side will be fixed in the future.

[github-actions[bot]]

👋 It looks like this issue has been open for 30 days with no activity. We'll mark this as stale for now, and wait 10 days for an update or for further comment before closing this issue out.

[seratch]

As mentioned above, we don't have any plans to work on this issue at least in the short term. Let us close this issue now.