Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Transmogrifier's bug with HTML entities
Due to Transmogrifier parses entity-escaped texts, there is a problem with html-entities. For example, we have a rule in config.txt as follow:
And we have text like this:
I suggest following fix in Transmogrifier/default.php:
I know, this looks dirty and unpretty, but it works and I can't find better solution for this moment.
;) == <img alt=";)" src="./images/smiles/wink.gif" />And we have text like this:
("A quoted text in brackets")When Transmogrifier's parser starts, he gets entity-escaped text, it looks as follow:
("A quoted text in brackets")Then Transmogrifier's parser starts replace of it's tokens and replaces out ";)". Finally we've got:
("A quoted text in brackets"<img alt=";)" src="./images/smiles/wink.gif" />As you can see, this example works unexpected and breaks valid XHTML markup.
I suggest following fix in Transmogrifier/default.php:
$value = preg_split("/\s*==\s*/", $line, 2);
$this->token[$counter] = '/(?<!&[A-Za-z]{2}|&[A-Za-z]{3}|&[A-Za-z]{4}|&[A-Za-z]{5}|&[A-Za-z]{6}|&#\d{2}|&#\d{4}|&#x[0-9A-Fa-f]{2}|&#x[0-9A-Fa-f]{4})'.preg_quote($value[0]).'/';
$this->tokenValue[$counter] = $value[1];I know, this looks dirty and unpretty, but it works and I can't find better solution for this moment.
0
This discussion has been closed.
Comments
'/(?<!&(?>[A-Za-z_\-]+|#(?>[xX][A-Fa-f\d]+|\d+)))'.preg_quote($value[0]).'/';Warning: preg_replace(): Compilation failed: lookbehind assertion is not fixed length at offset 46 in ...../forum/extensions/Transmogrifier/default.php on line 56To handle longer html entities you may add several "&[A-Za-z]{X}" for each entity length in my regexp.
the problem, though, is that entities aren't really limited in length. you could have ! or !, and they'd both come out as an exclamation mark.