Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-91222

Markdown parser improperly handles certain HTML payloads

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Reported
    • Priority: P2: Important
    • Resolution: Unresolved
    • Affects Version/s: 5.15.2
    • Fix Version/s: None
    • Component/s: GUI: Text handling
    • Labels:
      None
    • Platform/s:
      All

      Description

      Using a naïve Markdown to HTML converter:

      QTextDocument d;

      d.setMarkdown(input); // Assume GFM with HTML enabled

      std::cout << d.toHtml().toStdString() << std::endl;

      The following HTML payload (which is also valid GFM):

      <b>x&lt;</b>

      gets converted to

      &lt;<span style=" font-weight:600;">x</span>

      (that's right, the escaped < ends up coming before the bold span). Meanwhile, the following payload:

      <b>&amp;</b>

      literally strips <b> (or whatever other element it would have been put to), becoming

      &amp;

      (boilerplate HTML before and after the key portion omitted).

        Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

            Assignee:
            srutledg Shawn Rutledge
            Reporter:
            alexey.rusakov Alexey Rusakov
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:

                Gerrit Reviews

                There are no open Gerrit changes