lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ZtnRfnHrxVeEwTwx@biznet-home.integral.gnuweeb.org>
Date: Thu, 5 Sep 2024 22:42:54 +0700
From: Ammar Faizi <ammarfaizi2@...weeb.org>
To: Konstantin Ryabitsev <konstantin@...uxfoundation.org>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	GNU/Weeb Mailing List <gwml@...weeb.org>,
	Alviro Iskandar Setiawan <alviro.iskandar@...weeb.org>,
	Ravel Kevin Ethan <silverwolf@...weeb.org>,
	Michael William Jonathan <moe@...weeb.org>
Subject: Public Inbox Output Broken Due to Double HTML Encoding


Hi,

We have noticed a recent issue with the lore public inbox output where
it appears to be affected by double HTML encoding. This problem
surfaced after 1 September 2024, as that was the last time we observed
the correct output.

The issue is particularly visible in email headers, where characters
such as <, >, and quotes are incorrectly encoded twice. This results in
unreadable and improperly rendered email headers. It also breaks
several links in the HTML output.

For instance, in this thread:

    https://lore.kernel.org/qemu-devel/20240905141211.1253307-1-kraxel@redhat.com/

Here's the current, broken output:
```
From: Gerd Hoffmann &lt;kraxel@...hat.com&gt;
To: qemu-devel@...gnu.org
Cc: &#34;Paolo Bonzini&#34; &lt;pbonzini@...hat.com&gt;,
	&#34;Yanan Wang&#34; &lt;wangyanan55@...wei.com&gt;,
	&#34;Zhao Liu&#34; &lt;zhao1.liu@...el.com&gt;,
	&#34;Eduardo Habkost&#34; &lt;eduardo@...kost.net&gt;,
	&#34;Richard Henderson&#34; &lt;richard.henderson@...aro.org&gt;,
	&#34;Marcel Apfelbaum&#34; &lt;marcel.apfelbaum@...il.com&gt;,
	&#34;Philippe Mathieu-Daud&#233;&#34; &lt;philmd@...aro.org&gt;,
	&#34;Michael S. Tsirkin&#34; &lt;mst@...hat.com&gt;,
```

And here's the expected output:
```
From: Gerd Hoffmann <kraxel@...hat.com>
To: qemu-devel@...gnu.org
Cc: "Paolo Bonzini" <pbonzini@...hat.com>,
	"Yanan Wang" <wangyanan55@...wei.com>,
	"Zhao Liu" <zhao1.liu@...el.com>,
	"Eduardo Habkost" <eduardo@...kost.net>,
	"Richard Henderson" <richard.henderson@...aro.org>,
	"Marcel Apfelbaum" <marcel.apfelbaum@...il.com>,
	"Philippe Mathieu-Daudé" <philmd@...aro.org>,
	"Michael S. Tsirkin" <mst@...hat.com>,
	"Gerd Hoffmann" <kraxel@...hat.com>
```

It seems like the encoding process is being applied redundantly, causing
special characters like &lt; (for <) and &gt; (for >) to render
improperly. This double encoding affects both usability and
readability, especially when dealing with email threads that rely
heavily on clear headers for communication between contributors.

For reference, I have also attached a screenshot of the output, which
can be found here:

    https://gist.github.com/ammarfaizi2/bbb1480822ece70cf2d261e876bd7ba2

It would be great if this could be resolved as soon as possible to
restore the proper display of inbox outputs.

Thank you for your attention to this matter!

-- 
Ammar Faizi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ