Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Escaped charachters in blog feed #1216

Closed
ihucos opened this issue May 7, 2018 · 3 comments
Closed

Escaped charachters in blog feed #1216

ihucos opened this issue May 7, 2018 · 3 comments

Comments

@ihucos
Copy link
Contributor

ihucos commented May 7, 2018

I could not find it in production, on dev there are unescaped special html charachters:
screenshot from 2018-05-03 18-34-32

One fix would be easy:
Don't escape the description from the RSS feed:
https://github.com/liqd/a4-opin/blob/master/euth_wagtail/templates/includes/rss_import.html#L8

buuut..
That would mean we have to "trust" the feed, which is an external site to not have any HTML injection.
Possibly we could also selectively just escape the characters by using the removtags filter before unescaping... but in the end, here is the issue but not a PR since I did not see that in production.
@MagdaN
Copy link
Contributor

MagdaN commented May 7, 2018

The rss import is not used anymore, so we could remove the feature completely

@ihucos
Copy link
Contributor Author

ihucos commented May 7, 2018

Yes, so I guess this issue would be about fixing this by removing the feature

@rmader
Copy link
Contributor

rmader commented Apr 16, 2020

Duplicate of #1019

@rmader rmader marked this as a duplicate of #1019 Apr 16, 2020
@rmader rmader closed this as completed Apr 16, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ihucos @MagdaN @rmader