Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-91222

Markdown parser improperly handles certain HTML payloads

    XMLWordPrintable

Details

    • All
    • 362e56b520cd5f3efcc7600d558b515a8aec6a79 (qt/qtbase/dev) f2e5039738557023a921a68ecd5fb81bdb4f2efc (qt/qtbase/6.2)

    Description

      Using a naïve Markdown to HTML converter:

      QTextDocument d;

      d.setMarkdown(input); // Assume GFM with HTML enabled

      std::cout << d.toHtml().toStdString() << std::endl;

      The following HTML payload (which is also valid GFM):

      <b>x&lt;</b>

      gets converted to

      &lt;<span style=" font-weight:600;">x</span>

      (that's right, the escaped < ends up coming before the bold span). Meanwhile, the following payload:

      <b>&amp;</b>

      literally strips <b> (or whatever other element it would have been put to), becoming

      &amp;

      (boilerplate HTML before and after the key portion omitted).

      Attachments

        Issue Links

          For Gerrit Dashboard: QTBUG-91222
          # Subject Branch Project Status CR V

          Activity

            People

              srutledg Shawn Rutledge
              alexey.rusakov Alexey Rusakov
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes