Hehe yes, I think we have a few issues and all of them are linked together. I think you can focus on your original fix and once that is merged, we can deal with whatever else is to handle so we don’t undo any previous fix by mistake.

Fun fact: I've separated each word of this sentence with an  

While I understand the viewpoint that what you type into the input is what should be displayed back to you. It’s certainly not a paradigm that’s universal across the internet.

I do think that it shouldn’t be escaped within a code snippet, which is currently happening:

All paid, and job closed!

• The PR that introduced the bug has been identified: The bug is upstream. But I think the upstream PR is https://github.com/Expensify/expensify-common/pull/232
• The offending PR has been commented on: Not sure this applies here. cc @yuwenmemon
• A discussion in #expensify-bugs has been started: Same ^

Regression Test Proposal

1. Open any chat
2. Send & as a message
3. Verify the sent text shows &

Expensify common PR is merged.

I have opened the App PR.

cc: @s77rt

I think I understand now.

PR is up.

Got it 👍. I will open the PR in a few hours.

@jliexpensify Here is my Upwork profile: https://www.upwork.com/freelancers/~0186b1d7cc69656f22

I’ll update my name to match this

@yuwenmemon I see. But actually, I just realized that we may still need to escape it on E/App in case the text length is more than the max markup length.

https://github.com/Expensify/App/blob/9953eb896f60b676efd27541564a66326cbbcd34/src/libs/ReportUtils.js#L842-L845

@jliexpensify here is my upwork profile https://www.upwork.com/freelancers/~013e648527fa0266fd

Hired @s77rt . @esh-g and @bernhardoj - I can’t find you on Upworks, can you:

1. Send me your Upworks names or profiles
2. Edit your GH accounts to show your full names (so we can find you in the future)

FYI: this is the original PR (reviewer look familiar? 😄): https://github.com/Expensify/expensify-common/pull/232

yeah the RCA thing was a bug - and agreed to revert to $1000. Thanks!

Re-assigning to @yuwenmemon (discussed 1:1) as he has more context here

Proposal

Please re-state the problem that we are trying to solve in this issue.

If the message has HTML entities like <, &nbsp, it’s not showing as is in the chat.

What is the root cause of that problem?

This is because we’re unescaping HTML entities when displaying the message in the chat in here https://github.com/Expensify/App/blob/ce229bc1812ded576ce29d007fa3c03be8d1cd75/src/pages/home/report/ReportActionItemFragment.js#L123. The message was not properly encoded before so this decoding means the HTML entities in our message will be unexpectedly changed.

What changes do you think we should make in order to solve the problem?

We can htmlEncode the message when we parse it to HTML right after this line https://github.com/Expensify/expensify-common/blob/2e6d46d1c6227974f27475aa00d8cd7963bdde8b/lib/ExpensiMark.js#L308 We can add replacedText = Str.htmlEncode(replacedText);, then the message will be html-encoded and subsequently decoded properly when we display it.

What alternative solutions did you explore? (Optional)

We should remove Str.htmlDecode in https://github.com/Expensify/App/blob/ce229bc1812ded576ce29d007fa3c03be8d1cd75/src/pages/home/report/ReportActionItemFragment.js#L123 and other places if needed (basically any places that display the message should not be using Str.htmlDecode)