One thread - formatting messed up

tingo

Son of Beastie

Reaction score: 628
Messages: 2,526

Haven't seen this before, one specific thread has "side-by-side" formatting of posts. Screenshot:
(it looks the same in Chromium too).
 

Attachments

  • FreeBSD_forums_mangled_thread_Screenshot_2021-04-10_20-09-23.png
    FreeBSD_forums_mangled_thread_Screenshot_2021-04-10_20-09-23.png
    327.1 KB · Views: 31

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 11,604
Messages: 37,927

Somebody posted a [url] in an [anchor]. That screws up the layout. Should be fixed now.
 

Zirias

Daemon

Reaction score: 1,341
Messages: 2,362

That's the second time this happens in a short period of time. Can you assure this at least doesn't allow any injections? :eek:
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 11,604
Messages: 37,927

I was thinking about removing the button for [anchor]. A lot of new users seem to "abuse" it instead of using [file]filename[/file].
 

ShelLuser

Son of Beastie

Reaction score: 2,081
Messages: 3,780

It's not only about anchors though, I recently managed to mess up [cmd] and [/file] and that also caused quite a mess. Managed to fix that myself though.

.. come to think of it, I'm not fully sure what code caused it again, but it was something I messed up: using an unmatched pair (I always type out the BBCode).
 

Zirias

Daemon

Reaction score: 1,341
Messages: 2,362

Refresh/reload the page.
shkhln asked about the underlying issue, that might have security implications.

(it definitely is that kind of "oops, what's that?" event that's often the first step to discover a serious security issue…)
 

vigole

Daemon

Reaction score: 1,330
Messages: 1,194

More items, harder to find the problem. Users love their widgets, and admin has to pay for it! I think some of the items are not necessary. Some users may whine. Whatever.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 11,604
Messages: 37,927

Yeah, need to tweak that toolbar a bit. Move more important things to the front (code and file for example) and less used (fonts, anchor) further back. But my browser doesn't seem to like it though. I can pick up the icons and drag them around but it never lets go of the selection.
 

Zirias

Daemon

Reaction score: 1,341
Messages: 2,362

Yeah, need to tweak that toolbar a bit.
Don't want to nag here, but still: that won't do. If there is a way for user input to mess up layout, XSS might be already possible or isn't far. In that case, it doesn't matter whether it's accessible via a toolbar, whoever wants to exploit it doesn't care for toolbars. Please get to the bottom of this problem…
 

shkhln

Daemon

Reaction score: 918
Messages: 2,141

This forum version seem to indiscriminately escape <, > and " everywhere (in user input, that is), so XenForo devs likely papered over most issues.
 

memreflect

Active Member

Reaction score: 178
Messages: 210

BB code is about as safe as any other tag-based markup language. Some things like man pages appear especially odd if you miss the '/' character on the closing tag for example:
Code:
[man=1]sh[man]

The contents of this code block were copied and pasted below this code block.
The attached image is the resulting preview of that section.

2021-04-10-230246_992x183_scrot.png

Maybe MAN and PORT tags aren't a problem from a security perspective, but the image does illustrate what happens when you don't check the output of your BB code. We're all human (I think?), so similar mistakes will assuredly be made in the future.
 

shkhln

Daemon

Reaction score: 918
Messages: 2,141

BB code is about as safe as any other tag-based markup language.
The traditional way of implementing bbcodes is mere text substitution, so they don't really qualify as a markup language. There is no data structure that can be checked for invalid combinations of nested tags, there are no parsing rules whatsoever. For example, [URL=[ANCHOR]1[/ANCHOR]]2[/URL] is a perfectly "valid" piece of bbcode and it generates a garbage result: 1[/ANCHOR]]2.
 

memreflect

Active Member

Reaction score: 178
Messages: 210

The traditional way of implementing bbcodes is mere text substitution, so they don't really qualify as a markup language. There is no data structure that can be validated for invalid combinations of nested tags, there are no parsing rules whatsoever. For example, [URL=[ANCHOR]1[/ANCHOR]]2[/URL] is a perfectly "valid" piece of bbcode and it generates a garbage result: 1[/ANCHOR]]2.
The syntax is just very reminiscent of HTML to me, so thank you for the correction. It seems it's more like the old HELPMAKE/QuickHelp markup format used in the days of DOS, albeit in a different form:

Rich (BB code):
QuickHelp    \b+Bold \u+Underline \b-Bold \u-Underline
BB code      [B]+Bold [U]+Underline [/B]-Bold [/U]-Underline
(improper nesting)
BB code      [B]+Bold [U]+Underline [/U][/B][U]-Bold [/U]-Underline
(proper nesting)
Rendering    +Bold +Underline -Bold -Underline

The BB code will be reformatted to make the tags nest properly when toggling the BB code on/off, which does make it seem like there's a direct translation from BB code to HTML. In any case, it's clear to me now: the algorithm used to convert from BB code to HTML is far simpler than any algorithm used to parse broken HTML. That could be considered a good thing since the recipe for tag soup is nothing but trouble.
 
Top