From 999b111fce3b74890f5e6cff154bf25397992b15 Mon Sep 17 00:00:00 2001 From: Simon Backx Date: Fri, 2 Sep 2022 15:49:39 +0200 Subject: [PATCH 1/2] =?UTF-8?q?=F0=9F=90=9B=20Fixed=20paid=20email=20previ?= =?UTF-8?q?ew=20stopped=20working=20in=20emails=20(#15356)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fixes https://github.com/TryGhost/Team/issues/1870 Disables email sanitization that was enabled earlier because this bug is more important and urgent. The recently introduced email sanitzation removes HTML comments from the post html. - This breaks the email paid preview, because it depends on the `` comment. - Breaks the Outlook comments `` This commit reverts this change. --- ghost/core/core/server/services/mega/template.js | 3 ++- ghost/core/test/unit/server/services/mega/template.test.js | 6 ++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/ghost/core/core/server/services/mega/template.js b/ghost/core/core/server/services/mega/template.js index b36159fd5f..8440e96206 100644 --- a/ghost/core/core/server/services/mega/template.js +++ b/ghost/core/core/server/services/mega/template.js @@ -28,9 +28,10 @@ const sanitizeKeys = (obj, keys) => { module.exports = ({post, site, newsletter, templateSettings}) => { const date = new Date(); const hasFeatureImageCaption = templateSettings.showFeatureImage && post.feature_image && post.feature_image_caption; - const cleanPost = sanitizeKeys(post, ['title', 'excerpt', 'html', 'feature_image_alt', 'feature_image_caption']); + const cleanPost = sanitizeKeys(post, ['title', 'excerpt', 'authors', 'feature_image_alt', 'feature_image_caption']); const cleanSite = sanitizeKeys(site, ['title']); const cleanNewsletter = sanitizeKeys(newsletter, ['name']); + return ` diff --git a/ghost/core/test/unit/server/services/mega/template.test.js b/ghost/core/test/unit/server/services/mega/template.test.js index df9e6e3645..9896238144 100644 --- a/ghost/core/test/unit/server/services/mega/template.test.js +++ b/ghost/core/test/unit/server/services/mega/template.test.js @@ -120,9 +120,11 @@ describe('Mega template', function () { }); it('Correctly escapes the contents', function () { + // TODO: check html escaping based on mobiledoc instead of invalid html: https://github.com/TryGhost/Team/issues/1871 + const post = { title: 'I <3 Posts', - html: '
I am <100 years old
', + html: '
I am <100 years old
', feature_image: 'https://example.com/image.jpg', feature_image_alt: 'I <3 alt text', feature_image_caption: 'I <3 images' @@ -196,7 +198,7 @@ describe('Mega template', function () { should(html).containEql('class="custom"'); // note that some part of rendering/sanitisation removes spaces from the style description - should(html).containEql('style="font-weight:900;display:flex"'); + should(html).containEql('style="font-weight: 900; display: flex;"'); }); it('Uses the post title as a fallback for the excerpt', function () { From c02646b31dca78514f564aafc58a4fd07b40f43b Mon Sep 17 00:00:00 2001 From: Ghost CI <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 2 Sep 2022 15:04:07 +0100 Subject: [PATCH 2/2] v5.12.4 --- ghost/admin/package.json | 2 +- ghost/core/package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ghost/admin/package.json b/ghost/admin/package.json index 262a16b31e..eb4b756969 100644 --- a/ghost/admin/package.json +++ b/ghost/admin/package.json @@ -1,6 +1,6 @@ { "name": "ghost-admin", - "version": "5.12.3", + "version": "5.12.4", "description": "Ember.js admin client for Ghost", "author": "Ghost Foundation", "homepage": "http://ghost.org", diff --git a/ghost/core/package.json b/ghost/core/package.json index 5c80eced01..f59aaa6a58 100644 --- a/ghost/core/package.json +++ b/ghost/core/package.json @@ -1,6 +1,6 @@ { "name": "ghost", - "version": "5.12.3", + "version": "5.12.4", "description": "The professional publishing platform", "author": "Ghost Foundation", "homepage": "https://ghost.org",