It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
Community
General discussionBugged characters in review texts(18 posts)(18 posts)
(18 posts)
Pages:
1
2
This is my favourite topic
Posted April 10, 2016
Why do some special characters like hyphens and quotation marks get garbled into strings of letters and other stuff in user review texts? Is it some problem on my browser's end?
Posted April 10, 2016
I've encountered same problem. I use Firefox.
Posted April 10, 2016
I don't think your browser has to do something with it. I tried with many browsers (firefox, palemoon, chromium - hell, even IE) but it's the same. I guess it has to do with the review section and it's inability to accept/show HTML stuff correctly or something like that. In any case, don't fret - this is the least of our worries about GOG. :P
Posted April 10, 2016
I haven't noticed, but than again I don't read the reviews on GOG.
Could it be related to SQL injection protection perhaps?
Posted April 10, 2016
Encounter the same bug in chat, just part of gog's great broke system of woe.
Posted April 10, 2016
high rated
I have reported that problem to GOG. I think it was more than a year ago, and I'll try to explain what I think of it.

As far as I can tell, this happens because the system is HTML-escaping the text. The reviews are stored in that way for security reasons. That prevents reviewers from inserting code that could exploit deficiencies in the system code that accesses the database (see this comic for an example) or inserting some nasty HTML tags in their review, that GOG would serve to all of its users (for example, calling some external javascript that abuses your browser).

So it is good that GOG is doing this. The problem is that GOG is not doing it correctly. The system was supposed to translate those characters back to what they are supposed to be when displaying them. Instead, what you are seeing is called a "double encoding problem".

Let me explain what this is with an example.

The character "<" is treated specially in HTML (it opens a tag — we all know HTML is full of them!). GOG does not want users using HTML tags on their reviews, and stores these characters in their "HTML form", "&lt;", which browsers display as "<", but is harmless, since it has no extra meaning. This is the HTML-escaping process. The character "&" is special in HTML too, and is used for escaping (that is, saying that the next character needs special attention, and should not be taken "as is").

When displaying the review, GOG simply throws the entire text and says "just display this in HTML". When the system reaches the "&lt;" it goes "Aha! I know '&' is special in HTML, and it is written as '&amp;".

This means that we go from "<" to "&lt;" to "&amp;lt", which is similar to what we see in the review.
Ideally we would go from "<" to "&lt;" and then back to "<" again.

Why hasn't GOG fixed this problem? Maybe fixing it breaks something else. Or they are afraid of messing with security-related measures and causing more harm. Or they simply think it is not a big deal and they should not bother with it.

Personally, I think it makes some reviews difficult to understand, and makes GOG staff look sloppy.
Post edited April 19, 2016 by Gede
Posted April 18, 2016
avatar
Gede: Let me explain what this is with an example.

The character "<" is treated specially in HTML (it opens a tag — we all know HTML is full of them!). GOG does not want users using HTML tags on their reviews, and stores it in its HTML form, "&lt;", which browsers display as "<", but is harmless, since it has no extra meaning. This is the HTML-escaping process. The character "&" is special in HTML too, and is used for escaping (that is, saying that the next character needs special attention, and should not be taken "as is").

When displaying the review, GOG simply throws the entire text and says "just display this in HTML". When the system reaches the "&lt;" it goes "Aha! I know '&' is special in HTML, and it is written as '&amp;".

This means that we go from "<" to "&lt;" to "&amp;lt;", which is what we see in the review.
Ideally we would go from "<" to "&lt;" and then back to "<" again.

Why hasn't GOG fixed this problem? Maybe fixing it breaks something else. Or they are afraid of messing with security-related measures and causing more harm. Or they simply think it is not a big deal and they should not bother with it.

Personally, I think it makes some reviews difficult to understand, and makes GOG staff look sloppy.
I tried correcting your markup to show the correct, well, markup, but we'll see if I succeeded when I hit "Post".

Edit:
I failed. Let's see if this fixes it.

Edit2:
Yup, that worked. It's difficult, because whenever you quote or edit a post, the forum unescapes it again.
Post edited April 18, 2016 by Wishbone
Posted April 19, 2016
https://www.gog.com/forum/general/use_of_quotation_marks_in_reviews
Posted April 19, 2016
avatar
Gede: [snip]
Already +1'd earlier, but like Wishbone said in the other thread, good explanatory post. : )
avatar
Wishbone: I tried correcting your markup to show the correct, well, markup, but we'll see if I succeeded when I hit "Post".

Edit:
I failed. Let's see if this fixes it.

Edit2:
Yup, that worked. It's difficult, because whenever you quote or edit a post, the forum unescapes it again.
I ran into that a couple weeks ago in one of the previous complaint threads about this. XD
avatar
mobutu: https://www.gog.com/forum/general/use_of_quotation_marks_in_reviews
Yes, that's the thread we came here from. ;D
Post edited April 19, 2016 by HunchBluntley
Posted April 19, 2016
avatar
Wishbone: I tried correcting your markup to show the correct, well, markup, but we'll see if I succeeded when I hit "Post".

Edit:
I failed. Let's see if this fixes it.

Edit2:
Yup, that worked. It's difficult, because whenever you quote or edit a post, the forum unescapes it again.
Thank you for pointing out that the forum also has its HTML encoding tricks. It is funny that it passed by me unnoticed. :-)

Also, extra thanks for pointing out that the editor unescapes it again. It saved me a lot of frustration.
Posted April 19, 2016
avatar
Gede: Thank you for pointing out that the forum also has its HTML encoding tricks. It is funny that it passed by me unnoticed. :-)

Also, extra thanks for pointing out that the editor unescapes it again. It saved me a lot of frustration.
Yup, it's quite ironic actually. The very problem we are discussing makes it incredibly difficult to make explanatory posts about said problem :-D
Posted April 21, 2016
avatar
Gede: Thank you for pointing out that the forum also has its HTML encoding tricks. It is funny that it passed by me unnoticed. :-)

Also, extra thanks for pointing out that the editor unescapes it again. It saved me a lot of frustration.
avatar
Wishbone: Yup, it's quite ironic actually. The very problem we are discussing makes it incredibly difficult to make explanatory posts about said problem :-D
And I remember reading all those pages talking about how to write HTML, thinking "if the author did not use an HTML editor to write this, they may have gone mad!" (because they did not seem to be using the PRE tag).
Posted April 21, 2016
avatar
Wishbone: Yup, it's quite ironic actually. The very problem we are discussing makes it incredibly difficult to make explanatory posts about said problem :-D
avatar
Gede: And I remember reading all those pages talking about how to write HTML, thinking "if the author did not use an HTML editor to write this, they may have gone mad!" (because they did not seem to be using the PRE tag).
Yeah, sometimes I really wish the forum had code tags.
Posted May 23, 2016
avatar
Gede: I have reported that problem to GOG. I think it was more than a year ago, and I'll try to explain what I think of it.

As far as I can tell, this happens because the system is HTML-escaping the text. The reviews are stored in that way for security reasons. That prevents reviewers from inserting code that could exploit deficiencies in the system code that accesses the database (see this comic for an example) or inserting some nasty HTML tags in their review, that GOG would serve to all of its users (for example, calling some external javascript that abuses your browser).

So it is good that GOG is doing this. The problem is that GOG is not doing it correctly. The system was supposed to translate those characters back to what they are supposed to be when displaying them. Instead, what you are seeing is called a "double encoding problem".

Let me explain what this is with an example.

The character "<" is treated specially in HTML (it opens a tag — we all know HTML is full of them!). GOG does not want users using HTML tags on their reviews, and stores these characters in their "HTML form", "<", which browsers display as "<", but is harmless, since it has no extra meaning. This is the HTML-escaping process. The character "&" is special in HTML too, and is used for escaping (that is, saying that the next character needs special attention, and should not be taken "as is").

When displaying the review, GOG simply throws the entire text and says "just display this in HTML". When the system reaches the "<" it goes "Aha! I know '&' is special in HTML, and it is written as '&".

This means that we go from "<" to "<" to "&lt", which is similar to what we see in the review.
Ideally we would go from "<" to "<" and then back to "<" again.

Why hasn't GOG fixed this problem? Maybe fixing it breaks something else. Or they are afraid of messing with security-related measures and causing more harm. Or they simply think it is not a big deal and they should not bother with it.

Personally, I think it makes some reviews difficult to understand, and makes GOG staff look sloppy.
Thanks, a really well-worded explanation! YOU'RE WINNER !
Posted May 23, 2016
Another thing which is annoying is the fact that the review section can`t display umlauts, Like "ä,ö,,ü". The chat and the forum can, but not the review section.
Pages:
1
2
This is my favourite topic
Community
General discussionBugged characters in review texts(18 posts)(18 posts)
(18 posts)