App: [HOLD for payment 2023-06-23] [$1000] Invalid html code with large digit crashes android app and throws console error on other platforms

If you haven’t already, check out our contributing guidelines for onboarding and email contributors@expensify.com to request to join our Slack channel!

Action Performed:

  1. Open the app in android
  2. Open any report
  3. Send invalid html code with large digit eg: �

Expected Result:

App shouldn’t crash or provide console error on sending invalid html codes with large digit

Actual Result:

App crashes in android and provides console error on other devices when we send invalid html codes with large digit

Workaround:

Can the user still use Expensify without this being fixed? Have you informed them of the workaround?

Platforms:

Which of our officially supported platforms is this issue occurring on?

  • Android / native
  • Android / Chrome
  • iOS / native
  • iOS / Safari
  • MacOS / Chrome / Safari
  • MacOS / Desktop

Version Number: 1.3.20-0 Reproducible in staging?: y Reproducible in production?: y If this was caught during regression testing, add the test name, ID and link from TestRail: Email or phone of affected tester (no customers): Logs: https://stackoverflow.com/c/expensify/questions/4856 Notes/Photos/Videos: Any additional supporting documentation

https://github.com/Expensify/App/assets/43996225/62235857-75dd-4e44-acd6-8365e8d14418

https://github.com/Expensify/App/assets/43996225/76f983d8-2c4f-45b1-bc5b-33ae7dbcbf89

Expensify/Expensify Issue URL: Issue reported by: @dhanashree-sawant Slack conversation: https://expensify.slack.com/archives/C049HHMV9SM/p1685098437111809

View all open jobs on GitHub

Upwork Automation - Do Not Edit
  • Upwork Job URL: https://www.upwork.com/jobs/~0137581aed483fd0c3
  • Upwork Job ID: 1663778192565182464
  • Last Price Increase: 2023-06-07

About this issue

  • Original URL
  • State: closed
  • Created a year ago
  • Comments: 49 (23 by maintainers)

Most upvoted comments

hired @hungvu193 @eVoloshchak and @dhanashree-sawant

+2
adelekennedy on Jun 7, 2023

@hungvu193’s proposal looks good to me! Both proposals are essentially the same, while @hungvu193 was the first to propose a fix.

Coming from this https://github.com/mdevils/html-entities/issues/48, we can use the fix from here, which was confirmed by the owner that fixed the problem, by adding the check for invalid html. We also can consider to upgrade the html-entities version. Otherwise, we can do a patch-package file to apply the fix.

I think ideally we just update the html-entities version

🎀👀🎀 C+ reviewed! cc: @iwiznia

+2
eVoloshchak on Jun 6, 2023

We also can consider to upgrade the html-entities version

Agree! Let’s fix this issue upstream

+2
rushatgabhane on May 31, 2023

@hungvu193 not according to this comment is it wrong?

Yeah, that’s wrong, because I created the PR in expensify-common, and it was merged within 2 days. Also the PR I created in this repo was also merged within 2 days. https://github.com/Expensify/expensify-common/pull/545 (Created on 9 Jun and was merged on 10 Jun)

+1
hungvu193 on Jul 5, 2023

payment issued!

+1
adelekennedy on Jun 26, 2023

Based on my calculations, the pull request did not get merged within 3 working days of assignment. Please, check out my computations here:

  • when @hungvu193 got assigned: 2023-06-08 17:49:36 Z
  • when the PR got merged: 2023-06-14 18:04:36 UTC
  • days elapsed: 5

On to the next one 🚀

+1
melvin-bot[bot] on Jun 14, 2023
Read more comments on GitHub
← App: [HOLD for payment 2023-06-21] [$250] Migrate ReportTypingIndicator.js to function component
App: [HOLD for payment 2023-06-23] [$1000] strikethrough message is displayed with double strikes in inline codeblock →