Does anyone know why this is happening?
I am just a user of that forum.
The code tag doesn't escape html. Plain and simple. I would also have expected another behavior. If you are just a user, you're lost. If you have access to the source code, you could try to fix that. Best would be to report it on GitHub (and offer your fix if you found one).
The most current version (which is used here) still has it's problems with html:
if you can reproduce it on a clean install with the same formatter but no addons/pluigns then you can report it to github
2.1b1 is beta software.
grep is your friend.
@R_J yes he is wrong about "No URLs should be changed to links in the post's code segment." I mean that isn't the case with html in general anyway (or it simply wouldn't render that was in browser). It would need html special characters to display it as such. Just becuase some formatters may convert, doesn't mean it is how it should be or the only way.
However I understand he is also reporting a difference between OP and the next comment.
That's what I am talking about. Why does < code > has problems with HTML? Code is meant to display text without formatting anything.
I hope one of the coders can give it a quick fix. http://php.net/htmlspecialchars
And yes. The other funny thing is that OP's html in < code > is properly escaped, but not replies. I would test it here, but edit is only allowed for 15 minutes and I don't want to spam threads.
@slawa this is a beta version i already told you what to do.
Yes typically htmlspecialchars should NOT be applied automatically. However that is a decision for the framework. Some do some don't.
Note you also have auto-ilinking which is when you put an url without any tags e.g.