#4166 500 Error On Discussion Board [25540]

v1.0.0
closed
Jenny Steele
support (446)
General
nobody
2015-08-20
2012-05-08
Chris Tsai
No

https://sourceforge.net/apps/trac/sourceforge/ticket/25540

I was replied to on this board
https://sourceforge.net/p/openrokn/discussion/general/thread/9dd0371c/
and its very important but its giving me a 500 error

Also: perhaps we should consider ways for this to fail more gracefully? Like just showing the raw text for this if it errors in processing? So that folks can still get at the content instead of just being locked out?

Related

Tickets: #4194

Discussion

  • Dave Brondsema

    Dave Brondsema - 2012-05-08

    Error is:

    Module /var/local/allura/Allura/allura/templates/widgets/post_widget.html:23 in top-level template code
<<                  <b>{{value.subject or '(no subject)'}}<br/></b>
                   {% endif %}
                   {{g.markdown.convert(value.text)|safe}}&nbsp;
                   {{lib.related_artifacts(value)}}
                   {% if value.edit_count %}
>>  {{g.markdown.convert(value.text)|safe}}&nbsp;
Module allura.lib.stats:57 in inner
<<                  return func(*l, **kw)
                   with stats.timing(self.timer):
                       return func(*l, **kw)
               inner.__name__ = func.__name__
               return inner
>>  return func(*l, **kw)
Module markdown:412 in convert
<<                  else:
                           # We have a serious problem
                           message(CRITICAL, 'Failed to strip top level tags.')

               # Run the text post-processors
>>  message(CRITICAL, 'Failed to strip top level tags.')
Module markdown:112 in message
<<              sys.exit(0)
           elif level > WARN:
               raise MarkdownException, text
           else:
               warnings.warn(text, MarkdownWarning)
>>  raise MarkdownException, text
MarkdownException: Failed to strip top level tags.
     

  • Dave Brondsema

    Dave Brondsema - 2012-05-08
    • milestone: limbo --> forge-jun-01
     

  • Dave Brondsema

    Dave Brondsema - 2012-05-08

    Not sure if it'll help, but we should upgrade our Markdown package

     

  • Anonymous - 2012-05-09

    Originally by: kavulix

    To reproduce this bug try creating a new topic with the following text (3 spaces before the orml tag, 6 spaces before the channel tag). If there are only 3 spaces preceding the orml tag then the preview button won't work. Clicking preview has no effect at all. If you then click the post button it will result in the http 500 error. Adding a fourth space prior to the orml tag or converting the < character to a html entity will then allow you to use the preview button.

    <orml version="1.1" xmlns="http://sourceforge.net/p/openrokn/home/ORML">
  <channel>

    Instead of requiring the user/poster to encode the html entities for unknown html tags, wouldn't it be safer to just compare each tag name to a list of accepted tag names? If a tag name doesn't match any known/accepted html tags then it should automatically be encoded to prevent errors. Something like the following.

    $supportedTags = array("br", "img", "hr");

$html = "<unknownTag id=\"one\"/><br/>";
$pattern = "/(?<! {4})\<([a-zA-Z]+)\s?.*?\/?\>/";
preg_match_all($pattern, $html, $matches, PREG_SET_ORDER);

foreach ($matches as $arr) {
    if (array_search($arr[1], $supportedTags) === false) {
        $replacement = htmlspecialchars($arr[0], ENT_NOQUOTES);
        $pattern2 = "/" . addcslashes($arr[0], "\\/~!@#$%^&*()_+`-={}|[]:\";'<>?,.") . "/";
        $html = preg_replace($pattern2, $replacement, $html);
    }
}

echo "$html\n";
     

    Last edit: Anonymous 2015-06-12

  • Jenny Steele - 2012-05-15

    This is the same error as [#3735]. I just added some error handling around that which will prevent the page from breaking if things get sent to markdown that it can't handle. I'll check back on this after it's pushed to make sure.

    kavulix, you can ensure code snippets display as expected by wrapping them in ~~~~ There's more info on this under "Code Highlighting" in the Formatting Help.

     

    Related

    Tickets: #3735

  • Jenny Steele - 2012-05-15
    • assigned_to: Jenny Steele
     

  • Jenny Steele - 2012-05-18
    • status: open --> validation
     

  • Jenny Steele - 2012-05-22
    • status: validation --> closed
     

Log in to post a comment.