When saving from Source mode, the editor is supposed to submit only the source wiki syntax, not the HTML. Inspecting the HTTP requests sent by the editor shows that it is in fact sending the HTML when the source area doesn't have any changes.
Submitting the HTML from Source mode shouldn't be a problem normally, but it's not optional because it triggers a useless conversion when we already know the source wiki syntax. BUT, the submitted HTML is not exactly the same as the one submitted from the WYSIWYG mode. Precisely, the value of some attributes (used to mark in-line editable macros) is not property escaped:
Surprisingly, for me, the HTML submitted from Source mode is obtained using the standard innerHTML property, which is supposed to produce valid HTML. So it seems the server-side rendering module is not as permissive with unescaped special HTML characters in attribute values.
Marius Dumitru Florea on 10/Jun/24 10:44
There are two problems here:
* When saving from Source mode, the editor is supposed to submit only the source wiki syntax, not the HTML. Inspecting the HTTP requests sent by the editor shows that it is in fact sending the HTML when the source area doesn't have any changes. * Submitting the HTML from Source mode shouldn't be a problem normally, but it's not optional optimal because it triggers a useless conversion when we already know the source wiki syntax. BUT, the submitted HTML is not exactly the same as the one submitted from the WYSIWYG mode. Precisely, the value of some attributes (used to mark in-line editable macros) is not property escaped:
Surprisingly, for me, the HTML submitted from Source mode is obtained using the standard {{innerHTML}} property, which is supposed to produce valid HTML. So it seems the server-side rendering module is not as permissive with unescaped special HTML characters in attribute values.
This message was sent by Atlassian Jira (v9.3.0#930000-sha1:287aeb6)
If image attachments aren't displayed, see this article.
