Ignore images from embedded html when pasting, paste plaintext instead. #21476
Conversation
melvin-bot
bot
requested review from
parasharrajat
and removed request for
a team
|
@parasharrajat Please copy/paste the Reviewer Checklist from here into a new comment on this PR and complete it. If you have the K2 extension, you can simply click: [this button] |
src/components/Composer/index.js
Outdated
| if (embeddedImages.length > 0 && embeddedImages[0].src) { | ||
| // If HTML has emoji, then treat this as plain text. | ||
| if (embeddedImages[0].dataset && embeddedImages[0].dataset.stringifyType === 'emoji') { | ||
| const plainText = event.clipboardData.getData('text/plain'); | ||
| this.paste(plainText); | ||
| return; | ||
| } | ||
| fetch(embeddedImages[0].src) | ||
| .then((response) => { | ||
| if (!response.ok) { | ||
| throw Error(response.statusText); | ||
| } | ||
| return response.blob(); | ||
| }) | ||
| .then((x) => { | ||
| const extension = IMAGE_EXTENSIONS[x.type]; | ||
| if (!extension) { | ||
| throw new Error(this.props.translate('composer.noExtensionFoundForMimeType')); | ||
| } | ||
|
|
||
| return new File([x], `pasted_image.${extension}`, {}); | ||
| }) | ||
| .then(this.props.onPasteFile) | ||
| .catch(() => { | ||
| const errorDesc = this.props.translate('composer.problemGettingImageYouPasted'); | ||
| Growl.error(errorDesc); | ||
|
|
||
| /* | ||
| * Since we intercepted the user-triggered paste event to check for attachments, | ||
| * we need to manually set the value and call the `onChangeText` handler. | ||
| * Synthetically-triggered paste events do not affect the document's contents. | ||
| * See https://developer.mozilla.org/en-US/docs/Web/API/Element/paste_event for more details. | ||
| */ | ||
| this.handlePastedHTML(pastedHTML); | ||
| }); | ||
| this.handlePastePlainText(event); |
There was a problem hiding this comment.
Why are we not pasting the HTML? embeddedImages[0].dataset && embeddedImages[0].dataset.stringifyType === 'emoji' require pasting text but other than this we can use html pasting...
There was a problem hiding this comment.
@parasharrajat If you read my proposal carefully, I explain the caveat of why we should paste plaintext instead of pasting the HTML (#18583 (comment))
If any images have links attached, and we try to paste them, it leads to formatting issues in the markdown that is generated.
Please let me know what is the desired behaviour in this instance as I thought you already approved my proposal.
There was a problem hiding this comment.
I did approve the removal of fetching of images but the whole formatting. Can you share a screenshot/video of formatting issues?
There was a problem hiding this comment.
This is what happens when I set it to paste HTML:
Screen.Recording.2023-06-27.at.8.40.55.am.mov
There was a problem hiding this comment.
Apologies for the delay. But I think we need to keep formatting. It is strange that image tags are converted to links. I am not sure where that happens in out parser.
There was a problem hiding this comment.
@qispark If images are wrapped in a link then it is fine if they are parsed as links in the pasted code.
But if the image itself is being converted to links then that is a problem. If we want to solve this problem, then we should be modifying the link rules in ExpensiMark to filter out images.
There was a problem hiding this comment.
@parasharrajat Let me know if I should action on anything based on your feedback.
There was a problem hiding this comment.
@qispark Based on Rajat's comment, If images are wrapped in a link then it is fine if they are parsed as links in the pasted code. I think the image was wrapped in a link in the recording above, right? (Can you confirm this by inspecting that element?) and when we are pasting it is being rendered as links.
But if the image itself is being converted to links then that is a problem
I don't think that is happening in this case. @qispark can you please confirm this?
And now for the last part
Why are we not pasting the HTML? embeddedImages[0].dataset && embeddedImages[0].dataset.stringifyType === 'emoji' require pasting text but other than this we can use html pasting.
@qispark What do you think can be done to fix this? Do we need to update the ExpensiMark logic? I think that is very much doable, so if that's the case please push a PR in the expensify-common repo and let's keep this moving.
There was a problem hiding this comment.
@techievivek Your understanding is correct.
When the image is wrapped in a link, it gets rendered as an empty link.
When the image is not wrapped in a link, it gets rendered as its alt text.
I think we can update the ExpensiMark logic based on what I mentioned in my last comment. Happy to make a PR there to reflect this functionality. I will share an update when this is done.
|
I think we are fixing the empty link parsing in Expensify/expensify-common#555. That might solve our challenge where we see an empty title link being parsed as MD style link for links wrapping images in HTML. |
|
OK, @parasharrajat I'm happy to wait until that PR is merged before we test this again - we might not need further changes in that case. Is that ok? |
src/components/Composer/index.js
Outdated
| if (embeddedImages[0].dataset && embeddedImages[0].dataset.stringifyType === 'emoji') { | ||
| const plainText = event.clipboardData.getData('text/plain'); | ||
| this.paste(plainText); | ||
| return; | ||
| } | ||
| fetch(embeddedImages[0].src) |
There was a problem hiding this comment.
We still need to revert the logic for .stringifyType === 'emoji' and for the rest pasteHTML. let's do that.
|
@parasharrajat I have just updated the PR to reinstate the logic for emojis. Please let me know if any other changes are required. |
|
Expensify/expensify-common#555 PR is merged, so I think we can move forward with thoroughly testing this PR now, right? |
|
@techievivek I've just tested it. Unfortunately, it appears to have the same behaviour, still creating an empty link. I'm using a test branch based on Do we need to revise ExpensiMark again? @parasharrajat
Just examining the PR to expensify-common, it looks like changes were only made to email links, so I wonder if we need to expand the changes to all links. |
|
Yes. We need to find a solution. Please propose the changes here first which you are planning to do to ExpensiMark |
|
In If this is the relevant rule, I think we need to update the part |
|
Can you share the sample HTML that you tried pasting? It will help me review. |
|
@parasharrajat I'm OOO until Monday - but essentially you can recreate it on any website with an image wrapped in a link. |
|
@parasharrajat You can copy the contents from here: https://www.w3schools.com/html/tryit.asp?filename=tryhtml_links_image This is the result: 
|
|
Thanks |
|
Hi @parasharrajat, it wasn't clear to me, but did you want me to make a PR in expensify-common? Or shall I wait until you have tested it? |
|
Sorry for the delay here. Once I lost momentum on a PR, it is harder to get back on it. I will try to close this PR as soon as possible. |
|
@parasharrajat, any updates here? |
|
My bad, I wasn't able to focus on this. Continuing review so that I can get this merged asap. |
|
@parasharrajat Gentle bump to keep this moving, also QA reported that this was not reproducible #18583 (comment) 🤯, haven't verified it myself tho. |
|
@parasharrajat, Can you please prioritize this PR, as it has been open for some time now? Thanks |
Co-authored-by: Rajat Parashar <parasharrajat@users.noreply.github.com>
|
So, image parsing is not related to this issue. I noticed that HTML does have anchor tags wrapping image tags. Thus they are being parsed as |
Screenshots🔲 iOS / nativeScreen.Recording.2023-08-04.at.5.42.09.AM.mov🔲 iOS / SafariScreen.Recording.2023-08-04.at.5.29.24.AM.mov🔲 MacOS / DesktopScreen.Recording.2023-08-04.at.5.23.45.AM.mov🔲 MacOS / ChromeScreen.Recording.2023-08-04.at.5.22.20.AM.mov🔲 Android / ChromeScreen.Recording.2023-08-04.at.5.32.58.AM.mov🔲 Android / native |
There was a problem hiding this comment.
Reviewer Checklist
- I have verified the author checklist is complete (all boxes are checked off).
- I verified the correct issue is linked in the
### Fixed Issuessection above - I verified testing steps are clear and they cover the changes made in this PR
- I verified the steps for local testing are in the
Testssection - I verified the steps for Staging and/or Production testing are in the
QA stepssection - I verified the steps cover any possible failure scenarios (i.e. verify an input displays the correct error message if the entered data is not correct)
- I turned off my network connection and tested it while offline to ensure it matches the expected behavior (i.e. verify the default avatar icon is displayed if app is offline)
- I verified the steps for local testing are in the
- I checked that screenshots or videos are included for tests on all platforms
- I included screenshots or videos for tests on all platforms
- I verified tests pass on all platforms & I tested again on:
- Android / native
- Android / Chrome
- iOS / native
- iOS / Safari
- MacOS / Chrome / Safari
- MacOS / Desktop
- If there are any errors in the console that are unrelated to this PR, I either fixed them (preferred) or linked to where I reported them in Slack
- I verified proper code patterns were followed (see Reviewing the code)
- I verified that any callback methods that were added or modified are named for what the method does and never what callback they handle (i.e.
toggleReportand notonIconClick). - I verified that the left part of a conditional rendering a React component is a boolean and NOT a string, e.g.
myBool && <MyComponent />. - I verified that comments were added to code that is not self explanatory
- I verified that any new or modified comments were clear, correct English, and explained "why" the code was doing something instead of only explaining "what" the code was doing.
- I verified any copy / text shown in the product is localized by adding it to
src/languages/*files and using the translation method - I verified all numbers, amounts, dates and phone numbers shown in the product are using the localization methods
- I verified any copy / text that was added to the app is grammatically correct in English. It adheres to proper capitalization guidelines (note: only the first word of header/labels should be capitalized), and is approved by marketing by adding the
Waiting for Copylabel for a copy review on the original GH to get the correct copy. - I verified proper file naming conventions were followed for any new files or renamed files. All non-platform specific files are named after what they export and are not named "index.js". All platform-specific files are named for the platform the code supports as outlined in the README.
- I verified the JSDocs style guidelines (in
STYLE.md) were followed
- I verified that any callback methods that were added or modified are named for what the method does and never what callback they handle (i.e.
- If a new code pattern is added I verified it was agreed to be used by multiple Expensify engineers
- I verified that this PR follows the guidelines as stated in the Review Guidelines
- I verified other components that can be impacted by these changes have been tested, and I retested again (i.e. if the PR modifies a shared library or component like
Avatar, I verified the components usingAvatarhave been tested & I retested again) - I verified all code is DRY (the PR doesn't include any logic written more than once, with the exception of tests)
- I verified any variables that can be defined as constants (ie. in CONST.js or at the top of the file that uses the constant) are defined as such
- If a new component is created I verified that:
- A similar component doesn't exist in the codebase
- All props are defined accurately and each prop has a
/** comment above it */ - The file is named correctly
- The component has a clear name that is non-ambiguous and the purpose of the component can be inferred from the name alone
- The only data being stored in the state is data necessary for rendering and nothing else
- For Class Components, any internal methods passed to components event handlers are bound to
thisproperly so there are no scoping issues (i.e. foronClick={this.submit}the methodthis.submitshould be bound tothisin the constructor) - Any internal methods bound to
thisare necessary to be bound (i.e. avoidthis.submit = this.submit.bind(this);ifthis.submitis never passed to a component event handler likeonClick) - All JSX used for rendering exists in the render method
- The component has the minimum amount of code necessary for its purpose, and it is broken down into smaller components in order to separate concerns and functions
- If any new file was added I verified that:
- The file has a description of what it does and/or why is needed at the top of the file if the code is not self explanatory
- If a new CSS style is added I verified that:
- A similar style doesn't already exist
- The style can't be created with an existing StyleUtils function (i.e.
StyleUtils.getBackgroundAndBorderStyle(themeColors.componentBG)
- If the PR modifies code that runs when editing or sending messages, I tested and verified there is no unexpected behavior for all supported markdown - URLs, single line code, code blocks, quotes, headings, bold, strikethrough, and italic.
- If the PR modifies a generic component, I tested and verified that those changes do not break usages of that component in the rest of the App (i.e. if a shared library or component like
Avataris modified, I verified thatAvataris working as expected in all cases) - If the PR modifies a component related to any of the existing Storybook stories, I tested and verified all stories for that component are still working as expected.
- If a new page is added, I verified it's using the
ScrollViewcomponent to make it scrollable when more elements are added to the page. - If the
mainbranch was merged into this PR after a review, I tested again and verified the outcome was still expected according to theTeststeps. - I have checked off every checkbox in the PR reviewer checklist, including those that don't apply to this PR.
🎀 👀 🎀 C+ reviewed
|
Not sure what changed. My android build is not starting, stuck at But I believe it works as changes are only applied to web-specific files. |
|
Bump @techievivek |
|
Sorry, I was ooo on Friday, taking a look now. Thanks. |
|
@qispark Linting seems to be failing, can you please fix that, thanks. |
…ges-2' into qispark-composer-paste-ignore-images-2
|
@techievivek Just updated lint. |
Co-authored-by: Vivek Kumar <35863227+techievivek@users.noreply.github.com>
|
@techievivek Just updated again due to prettier failing. |
|
✋ This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release. |
|
🚀 Deployed to staging by https://github.com/techievivek in version: 1.3.51-0 🚀
|
|
🚀 Deployed to production by https://github.com/Julesssss in version: 1.3.51-2 🚀
|
|
🚀 Deployed to staging by https://github.com/techievivek in version: 1.3.52-0 🚀
|
|
🚀 Deployed to staging by https://github.com/techievivek in version: 1.3.52-0 🚀
|
|
🚀 Deployed to production by https://github.com/puneetlath in version: 1.3.52-5 🚀
|
Details
When pasting some HTML containing images into Composer, it will cause an error modal. This is because of the server's Content Security Policy, which prevents those images from being fetched separately. This PR prevents the images from being fetched, instead it will paste the plaintext that is copied.
Fixed Issues
$ #18583
$ #18583 (comment)
Tests
Offline tests
N/A
QA Steps
PR Author Checklist
### Fixed Issuessection aboveTestssectionOffline stepssectionQA stepssectiontoggleReportand notonIconClick)myBool && <MyComponent />.src/languages/*files and using the translation methodWaiting for Copylabel for a copy review on the original GH to get the correct copy.STYLE.md) were followedAvatar, I verified the components usingAvatarare working as expected)/** comment above it */thisproperly so there are no scoping issues (i.e. foronClick={this.submit}the methodthis.submitshould be bound tothisin the constructor)thisare necessary to be bound (i.e. avoidthis.submit = this.submit.bind(this);ifthis.submitis never passed to a component event handler likeonClick)StyleUtils.getBackgroundAndBorderStyle(themeColors.componentBG))Avataris modified, I verified thatAvataris working as expected in all cases)ScrollViewcomponent to make it scrollable when more elements are added to the page.mainbranch was merged into this PR after a review, I tested again and verified the outcome was still expected according to theTeststeps.Screenshots/Videos
Web
Screen.Recording.2023-06-23.at.9.08.11.pm.mov
Mobile Web - Chrome
Screen.Recording.2023-06-23.at.10.48.26.pm.mov
Mobile Web - Safari
Screen.Recording.2023-06-23.at.9.10.32.pm.mov
Desktop
Screen.Recording.2023-06-23.at.11.17.31.pm.mov
iOS
Screen.Recording.2023-06-23.at.10.21.31.pm.mov
Android
Screen.Recording.2023-06-23.at.10.58.14.pm.mov