Bug report: Links rendering incorrectly in bug bounty page

[darigovresearch]

Describe the bug

Two links in the in scope section are not rendering correctly

To reproduce

1. Go to https://ethereum.org/en/bug-bounty/
2. Scroll down to 'In scope'
3. See error

Expected behavior

Link to the relevant locations

Screenshots

Desktop (please complete the following information)

Any device/browser

Smartphone (please complete the following information)

Any device/browser

Additional context

No response

Would you like to work on this issue?

• Yes
• No

[rileyannon]

I'm pretty sure this is an issue with React trying to prevent XSS attacks. This could probably be bypassed with dangerouslySetInnerHTML.

[wackerow]

This is related to how we parse internationalized strings...

Strings for React pages are inside .json files, each with a "key"... we have two ways that we can parse that "key" into the string we want:

1. With the Translation component, ie: <Translation id="page-bug-bounty:page-bug-bounty-some-string" />
2. With the useTranslation() hook, ie:

const { t } = useTranslation("page-bug-bounty")
t("page-bug-bounty-some-string")

Approach 2 is lighter-weight, and preferred, but it does not allow for the use of htmr which will process the HTML contained in those strings.

This string is inside page-bug-bounty.json ("page-bug-bounty" namespace), with a key of "page-upgrades-bug-bounty-validity-desc"... We then render this inside pages/bug-bounty.tsx using:

<Text>{t("page-upgrades-bug-bounty-validity-desc")}</Text>

We just need to update this to use the Translation component instead as:

<Text>
  <Translation id="page-bug-bounty:page-upgrades-bug-bounty-validity-desc" />
</Text>

^ By doing that, it should parse the HTML contained in this string appropriately.

@darigovresearch Assigning you =)

[bhargavkakadiya]

@wackerow it's a small fix and open for a while now, can I submit a PR for this?

[wackerow]

@darigovresearch You were the original poster, and marked yes to wanting to work on this so I assigned you and would like to give you the chance to patch this.

It'd be nice to get this patched by the next deploy, so we still have til at least Tuesday... would you be able to do that?

@bhargavkakadiya I'd ask you to hold for the moment, and @darigovresearch just let us know if you'd like to knock this out or let @bhargavkakadiya handle it. Can circle back on this in a couple days.

[darigovresearch]

@wackerow thanks for the guidance, have now put in a pull request (#12671)

Have checked that the netlify preview on the page no longer renders the links - https://deploy-preview-12671--ethereumorg.netlify.app/en/bug-bounty/#rules

When searching for href in the search bar of the netlify preview there still appears to show the bug bounty page with hrefs in the page. Assume this is because the index of the search is not based on the contents of the pull request but some other API index. Can you confirm?

Otherwise happy to raise an another issue and with some guidance and get this particular pull request merged for the next deployment on Tuesday. Allow edits and access to secrets by maintainers is also enabled on the pull request if you wish to add or remove anything in the pull request.