HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Retroactive changes to HTML parsing in posts
jamesinc
✭✭
I've got an issue with my long-running Vanilla forum. There are lots of older posts that include HTML tables, and something in the rendering side of things has led to these tables now be displayed as plaintext (i.e. <
is being translated to <
)
A lot of these older posts contain information with a very long useful lifespan and I would like to not have this sort of content rot on my forum.
How can I make the renderer ignore these older posts? They are all stored in the DB with Format=BBCode, but the forum uses the Rich editor these days.
Running Vanilla 3.3
Tagged:
0
Comments
I suspect HTML support was removed from the BBCode parser. Is there also BBCode mixed in those posts?
I was curious and created a BBCode post in my test forum:
And this is how it looks like:
Can it be caused by another plugin? Have you taken a look at what is stored on DB level?
@R_J I think my original post was vague around this - your DB input and rendered output are consistent with mine. The DB has HTML stored in the post body, but when rendered to the page it is being escaped and displays as html-as-text, same as yours.
I have tried to dig a little deeper and found that the NBBC parser doesn't allow to specify safe html tags. There is the following code in the parser which gives a hint on what to do to allow some tags:
You would need to replace the BBCodeFormatter of Vanilla too to use a customized Nbbc instance, I guess. But even then, I personally wouldn't know a good way to only allow table tags
There is a more simple but more dangerous possibility though: you can allow all tags. I tried to use a script tag but that was filtered, so it might be quite safe since you only use it for old posts: