Problem
The subreddit search page renders data.public_description as raw text, while the standard subreddit listing page applies he.decode() to the same field. Result: HTML entities (&, ", ', etc.) leak through to users browsing search results.
Where
src/views/sub-search.pug:37 renders #{i.data.public_description} directly. Compare src/routes/index.js:677 which does about.public_description = he.decode(about.public_description) before rendering.
Fix
Decode the description in the /sub-search route handler before passing to the template (mirror the renderIndex pattern), or decode in the template via the htmlDecode helper already in postUtils.pug.
Reproduction
Search any subreddit with an apostrophe, ampersand, or special character in its description — /r/mapmaking, /r/appleswap were noted as examples. Compare the description shown on the search results page vs. the subreddit's own page.
Problem
The subreddit search page renders
data.public_descriptionas raw text, while the standard subreddit listing page applieshe.decode()to the same field. Result: HTML entities (&,",', etc.) leak through to users browsing search results.Where
src/views/sub-search.pug:37renders#{i.data.public_description}directly. Comparesrc/routes/index.js:677which doesabout.public_description = he.decode(about.public_description)before rendering.Fix
Decode the description in the
/sub-searchroute handler before passing to the template (mirror the renderIndex pattern), or decode in the template via thehtmlDecodehelper already inpostUtils.pug.Reproduction
Search any subreddit with an apostrophe, ampersand, or special character in its description —
/r/mapmaking,/r/appleswapwere noted as examples. Compare the description shown on the search results page vs. the subreddit's own page.