You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
First, thanks for writing this. Makes hipchat so much better to use. One problem I've noticed, though, is that messages that include what could be markup tags aren't handled correctly. Super easy to reproduce - just type a message like "". The official hipchat client renders this correctly. Adium with this message style does not - the message shows up as empty, presumably because the browser engine sees this and tries to render the tag.
I was able to "fix" this by going into Contents/Resources/Footer.html and commenting out the lines of code in scrubHTML() that unescape HTML entities. But obviously that breaks all the nice formatting of other HTML tags, which sucks. I've left things as originally written for now, but this would be a nice thing to have fixed. Hopefully there's a good way to fix this without having to resort to a whitelist of known HTML tags to escape. Thoughts?
The text was updated successfully, but these errors were encountered:
First, thanks for writing this. Makes hipchat so much better to use. One problem I've noticed, though, is that messages that include what could be markup tags aren't handled correctly. Super easy to reproduce - just type a message like "". The official hipchat client renders this correctly. Adium with this message style does not - the message shows up as empty, presumably because the browser engine sees this and tries to render the tag.
I was able to "fix" this by going into Contents/Resources/Footer.html and commenting out the lines of code in scrubHTML() that unescape HTML entities. But obviously that breaks all the nice formatting of other HTML tags, which sucks. I've left things as originally written for now, but this would be a nice thing to have fixed. Hopefully there's a good way to fix this without having to resort to a whitelist of known HTML tags to escape. Thoughts?
The text was updated successfully, but these errors were encountered: