Raw HTML Tags in Search Results
Summary
When searching the web UI, extra raw HTML tags appear in the search results. I have a fully-updated GitLab CE installation (9.1.3) running on Ubuntu 16.04. This issue appears to have come with the latest GitLab security update.
Steps to reproduce
Use the search bar at the top of the web UI to search for literally anything with multiple results. It does not matter what page you're on when you search.
What is the current bug behavior?
Results appear, but with extra HTML tags around the letters that you have searched for. These tags do not exist as far as I can see anywhere else, nor were they added by anyone.
What is the expected correct behavior?
Search results without random HTML tags, possibly with the tag behavior actually applied rather than having the raw tag displayed.
Relevant logs and/or screenshots
I am seeing this error, not sure if related or not. No other errors I could find.
```
==> /var/log/gitlab/unicorn/unicorn_stderr.log <==
E, [2017-05-12T00:34:13.318838 #105158] ERROR -- : /opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/bundler-1.13.7/lib/bundler/vendor/thor/lib/thor/invocation.rb:126:in `invoke_command'
E, [2017-05-12T00:34:13.318849 #105158] ERROR -- : /opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/bundler-1.13.7/lib/bundler/vendor/thor/lib/thor.rb:359:in `dispatch'
E, [2017-05-12T00:34:13.318860 #105158] ERROR -- : /opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/bundler-1.13.7/lib/bundler/cli.rb:20:in `dispatch'
E, [2017-05-12T00:34:13.318871 #105158] ERROR -- : /opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/bundler-1.13.7/lib/bundler/vendor/thor/lib/thor/base.rb:440:in `start'
E, [2017-05-12T00:34:13.318887 #105158] ERROR -- : /opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/bundler-1.13.7/lib/bundler/cli.rb:11:in `start'
E, [2017-05-12T00:34:13.318909 #105158] ERROR -- : /opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/bundler-1.13.7/exe/bundle:34:in `block in <top (required)>'
E, [2017-05-12T00:34:13.318935 #105158] ERROR -- : /opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/bundler-1.13.7/lib/bundler/friendly_errors.rb:100:in `with_friendly_errors'
E, [2017-05-12T00:34:13.318959 #105158] ERROR -- : /opt/gitlab/embedded/lib/ruby/gems/2.3.0/gems/bundler-1.13.7/exe/bundle:26:in `<top (required)>'
E, [2017-05-12T00:34:13.318973 #105158] ERROR -- : /opt/gitlab/embedded/bin/bundle:22:in `load'
E, [2017-05-12T00:34:13.318983 #105158] ERROR -- : /opt/gitlab/embedded/bin/bundle:22:in `<main>'
```
Results of GitLab environment info
Expand for output related to GitLab environment info
System information
System: Ubuntu 16.04
Current User: git
Using RVM: no
Ruby Version: 2.3.3p222
Gem Version: 2.6.6
Bundler Version:1.13.7
Rake Version: 10.5.0
Redis Version: 3.2.5
Git Version: 2.11.1
Sidekiq Version:4.2.7
GitLab information
Version: 9.1.3
Revision: 2e4e522
Directory: /opt/gitlab/embedded/service/gitlab-rails
DB Adapter: postgresql
URL: <removed>
HTTP Clone URL: <removed>/some-group/some-project.git
SSH Clone URL: git@<removed>:some-group/some-project.git
Using LDAP: yes
Using Omniauth: yes
Omniauth Providers: cas3
GitLab Shell
Version: 5.0.2
Repository storage paths:
- default: /var/opt/gitlab/git-data/repositories
Hooks: /opt/gitlab/embedded/service/gitlab-shell/hooks
Git: /opt/gitlab/embedded/bin/git
Results of GitLab application Check
Expand for output related to the GitLab application check - tests pass
```
Checking GitLab Shell ...
GitLab Shell version >= 5.0.2 ? ... OK (5.0.2)
Repo base directory exists? default... yes
Repo storage directories are symlinks? default... no
Repo paths owned by git:git? default... yes
Repo paths access is drwxrws---? default... yes
hooks directories in repos are links: ...
Running /opt/gitlab/embedded/service/gitlab-shell/bin/check
Check GitLab API access: OK
Access to /var/opt/gitlab/.ssh/authorized_keys: OK
Send ping to redis server: OK
gitlab-shell self-check successful
Checking GitLab Shell ... Finished
Checking Sidekiq ...
Running? ... yes
Number of Sidekiq processes ... 1
Checking Sidekiq ... Finished
Checking Reply by email ...
Reply by email is disabled in config/gitlab.yml
Checking Reply by email ... Finished
Checking LDAP ...
Server: ldapmain
LDAP authentication... Success
LDAP users with access to your GitLab server (only showing the first 100 results)
Checking LDAP ... Finished
Checking GitLab ...
Git configured with autocrlf=input? ... yes
Database config exists? ... yes
All migrations up? ... yes
Database contains orphaned GroupMembers? ... no
GitLab config exists? ... yes
GitLab config outdated? ... no
Log directory writable? ... yes
Tmp directory writable? ... yes
Uploads directory setup correctly? ... yes
Init script exists? ... skipped (omnibus-gitlab has no init script)
Init script up-to-date? ... skipped (omnibus-gitlab has no init script)
projects have namespace: ...
Redis version >= 2.8.0? ... yes
Ruby version >= 2.1.0 ? ... yes (2.3.3)
Your git bin path is "/opt/gitlab/embedded/bin/git"
Git version >= 2.7.3 ? ... yes (2.11.1)
Active users: 137
Checking GitLab ... Finished
```
/label ~bug