System "downloaded local copies of images" job mangles img links
-
Bug: I made a post that contained an image from an external site wrapped in an anchor linking to that image. Discourse downloaded a local copy and edited my post to point at that copy, but in the process managed to mangle the link.
It changed this
<a href="https://lh6.googleusercontent.com/-6QxWi5Y20TQ/U6FkapWvkXI/AAAAAAAAMSQ/MOHJm_x8RHo/w491-h873-no/Screenshot_2014-06-18-11-04-45.png"><img src="https://lh6.googleusercontent.com/-6QxWi5Y20TQ/U6FkapWvkXI/AAAAAAAAMSQ/MOHJm_x8RHo/w491-h873-no/Screenshot_2014-06-18-11-04-45.png" /></a>
to this
<a href="<img src='/uploads/default/2545/d9d599a353b0dcbd.png'>"><img src='/uploads/default/2545/d9d599a353b0dcbd.png' /></a>
Repro: Make a post that includes an image tag that points to an image on an external site, wrapped in a link that points to that image.
Live example: Here's an example image, hopefully system will come along and edit this so this post can be your repro. You should notice that the href of the anchor is mangled after system does it's job.
I believe the problem is related to this previous bug.
Edit: Additional problem caused by same bug
Wow, I found another related bug with this post, it seems that system also substituted the URLs in my code block examples so now they don't make sense...
If changed this code block
<a href="https://lh6.googleusercontent.com/-6QxWi5Y20TQ/U6FkapWvkXI/AAAAAAAAMSQ/MOHJm_x8RHo/w491-h873-no/Screenshot_2014-06-18-11-04-45.png"><img src="https://lh6.googleusercontent.com/-6QxWi5Y20TQ/U6FkapWvkXI/AAAAAAAAMSQ/MOHJm_x8RHo/w491-h873-no/Screenshot_2014-06-18-11-04-45.png" /></a>
To this:
<a href="<img src='/uploads/default/2545/d9d599a353b0dcbd.png'>"><img src='/uploads/default/2545/d9d599a353b0dcbd.png' /></a>
Expected result: Downloading local copies of images should not touch code blocks. It shouldn't touch anything other than the image tag that you're downloading a local copy for.
Filed under: Now you have two problems
-
Was it designed to also mangle your code sample?
-
Yes, I just spotted that, I'm editing now to explain it. I don't envy the guy that has to maintain that regex html parsing nightmare. Fix one bug get a dozen more. That code must be a rewrite candidate.
-
Was it designed to also mangle your code sample?
Discourse was designed to mangle everything.
-
-
-
-
-
-
Anybody try an XSS using a javascript image yet?