Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-10 23:36:14 -05:00
Code Issues Activity

🐛 Fixed paid email preview stopped working in emails (#15356)

Browse source 
fixes https://github.com/TryGhost/Team/issues/1870

Disables email sanitization that was enabled earlier because this bug is more important and urgent.

The recently introduced email sanitzation removes HTML comments from the post html.
- This breaks the email paid preview, because it depends on the `<!--members-only-->` comment.
- Breaks the Outlook comments `<!--[if !mso !vml]-->`

This commit reverts this change.
This commit is contained in:
Simon Backx 2022-09-02 15:49:39 +02:00 committed by GitHub
parent 7650ecafeb
commit 999b111fce
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ghost/core/core/server/services/mega/template.js
View file

@ -28,9 +28,10 @@ const sanitizeKeys = (obj, keys) => {
module.exports = ({post, site, newsletter, templateSettings}) => {
const date = new Date();
const hasFeatureImageCaption = templateSettings.showFeatureImage && post.feature_image && post.feature_image_caption;
const cleanPost = sanitizeKeys(post, ['title', 'excerpt', 'html', 'feature_image_alt', 'feature_image_caption']);
const cleanPost = sanitizeKeys(post, ['title', 'excerpt', 'authors', 'feature_image_alt', 'feature_image_caption']);
const cleanSite = sanitizeKeys(site, ['title']);
const cleanNewsletter = sanitizeKeys(newsletter, ['name']);
return `<!doctype html>
<html>

6
ghost/core/test/unit/server/services/mega/template.test.js
View file

@ -120,9 +120,11 @@ describe('Mega template', function () {
});
it('Correctly escapes the contents', function () {
// TODO: check html escaping based on mobiledoc instead of invalid html: https://github.com/TryGhost/Team/issues/1871
const post = {
title: 'I <3 Posts',
html: '<div class="post-content-html">I am <100 years old</div>',
html: '<div class="post-content-html">I am &lt;100 years old</div>',
feature_image: 'https://example.com/image.jpg',
feature_image_alt: 'I <3 alt text',
feature_image_caption: 'I <3 images'
@ -196,7 +198,7 @@ describe('Mega template', function () {
should(html).containEql('class="custom"');
// note that some part of rendering/sanitisation removes spaces from the style description
should(html).containEql('style="font-weight:900;display:flex"');
should(html).containEql('style="font-weight: 900; display: flex;"');
});
it('Uses the post title as a fallback for the excerpt', function () {