Skip to content

fix: decode HTML entities in anchor modal title#544

Merged
rdmueller merged 2 commits into
LLM-Coding:mainfrom
raifdmueller:fix/modal-entity-decode
May 29, 2026
Merged

fix: decode HTML entities in anchor modal title#544
rdmueller merged 2 commits into
LLM-Coding:mainfrom
raifdmueller:fix/modal-entity-decode

Conversation

@raifdmueller
Copy link
Copy Markdown
Contributor

@raifdmueller raifdmueller commented May 29, 2026
edited by coderabbitai Bot
Loading

Problem

Anchor modal headings showed literal HTML entities, e.g. "Plain English according to Strunk & White" instead of "Strunk & White". The same applied to any anchor with &, <, > in its title (e.g. "Hexagonal Architecture (Ports & Adapters)").

Root cause

loadAnchorContent extracted the <h1> text from the asciidoctor-rendered HTML with a regex, then assigned the captured string (which still contains &amp;) via textContent. Since the source HTML is already entity-encoded, textContent rendered the entity literally. The JSON/AsciiDoc source was always correct — only this render path double-handled entities, which is why the bug kept recurring.

Fix

Parse the rendered HTML with DOMParser and read h1.textContent, letting the browser decode entities. DOMParser is parse-don't-execute, so there is no XSS surface. The share-link title (read from #modal-title) is fixed by the same change.

Test

Adds a regression test should decode HTML entities in the modal title — verified red on the old regex path, green with the fix. All 16 anchor-modal tests pass.

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Bug Fixes

    • Anker-Modal-Titel mit HTML-Entities werden jetzt korrekt decodiert und sauber angezeigt.

  • Tests

    • Testabdeckung erweitert, um Darstellung von Sonderzeichen in Modal-Titeln sicherzustellen.

  • Chores

    • Linting-Konfiguration aktualisiert, um browserseitige Parser-API zu berücksichtigen.

Review Change Stack

@raifdmueller @claude
fix: decode HTML entities in anchor modal title
3c825b7 
The modal heading extracted the <h1> text via regex from rendered
HTML (which contains &amp;) and set it as textContent, so anchors
like "Plain English according to Strunk & White" showed the literal
"&amp;". Parse via DOMParser instead so the browser decodes entities;
DOMParser is parse-don't-execute (no XSS risk). The share-link title,
which reads from #modal-title, is fixed by the same change.

Adds a regression test that fails on the old regex path.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai Bot commented May 29, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: 1b0b0a83-55de-441d-bf91-a8a26e7b42df

📥 Commits

Reviewing files that changed from the base of the PR and between 3c825b7 and 89d3d52.

📒 Files selected for processing (1)
  • website/eslint.config.js
✅ Files skipped from review due to trivial changes (1)
  • website/eslint.config.js

Walkthrough

Die Änderung aktualisiert die Titelextraktion für Ankermodals: statt Regex-Matching wird jetzt ein DOMParser verwendet, um das h1-Element aus der generierten HTML zu finden. Der Titel wird als textContent (trimmed) oder mit Fallback auf anchorId übernommen. Ein neuer Test validiert, dass HTML-Entities (z. B. &amp;) korrekt decodiert werden.

Änderungen

Ankertitel-Entity-Handling

Layer / Datei(en) Zusammenfassung
Titelextraktion mit Entity-Decodierung
website/src/components/anchor-modal.js, website/src/components/anchor-modal.test.js		 loadAnchorContent ersetzt Regex-basiertes <h1>-Matching durch DOMParser-Suche und nutzt das textContent des Elements mit Fallback auf anchorId. Ein neuer Regressionstests verifiziert, dass &amp; im Modal-Titel korrekt zu & decodiert wird, z. B. „Strunk & White".

Geschätzter Aufwand für Code-Review

🎯 2 (Einfach) | ⏱️ ~10 Minuten

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed Der Titel beschreibt präzise die Hauptänderung: HTML-Entities in Ankertitel werden jetzt korrekt dekodiert, was das zentrale Problem und dessen Lösung zusammenfasst.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint skipped: no ESLint configuration detected in root package.json. To enable, add eslint to devDependencies.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai Bot reviewed May 29, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@website/src/components/anchor-modal.js`:
- Line 245: ESLint reports "'DOMParser' is not defined" because new DOMParser()
is used in anchor-modal.js; fix by adding DOMParser: 'readonly' to the browser
globals object used by ESLint (the languageOptions.globals -> browserGlobals
entry in website/eslint.config.js) so the global is recognized, and if tests
also use DOMParser add it to the test globals as well.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: deeb97d9-5793-40f3-b574-37a4e1332740

📥 Commits

Reviewing files that changed from the base of the PR and between bd1a8a4 and 3c825b7.

📒 Files selected for processing (2)
  • website/src/components/anchor-modal.js
  • website/src/components/anchor-modal.test.js

Comment thread website/src/components/anchor-modal.js
@raifdmueller @claude
chore: allow DOMParser browser global in ESLint config
89d3d52 
The entity-decode fix uses DOMParser, which the explicit browser-globals
allowlist did not include, causing a no-undef lint error.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@rdmueller rdmueller merged commit 28cf213 into LLM-Coding:main May 29, 2026
6 of 7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@raifdmueller @rdmueller