Render <!DOCTYPE> html to the Viewer pane (#6274)

jmcphers · web-flow · commit 1edb8010210b · 2025-02-10T18:22:11.000-08:00
This change addresses an issue in which HTML that contains a `<!DOCTYPE>` tag but _not_ an `<html>` tag will break the Console. The underlying problem is that the naive HTML parser tries to create a React element for the `!DOCTYPE` tag, which creates an exception that causes the whole console component to fail to render. There are three layers of protection added in this fix: - First, HTML returned by runtimes is inspected for `!DOCTYPE` tags. If any are found, the HTML is rendered in the Viewer pane (where it can be rendered safely in an iframe) instead of in the console. - Second, the HTML renderer now safely skips any `!TAGNAME` tags. - Third, some exception handling in the HTML renderer helps guard against exceptions taking down the whole Console. This is probably not the last issue we'll have around the heuristic way we try to render HTML returned from kernels, which is homespun and has a hard time with these kinds of edge cases. Addresses #6258. ### Release Notes  #### New Features - N/A #### Bug Fixes - Fix issue causing some Polars query plans to break the Console when printed (#6258) ### QA Notes Note that this issue is easiest to reproduce in a browser-based environment. Printing these objects should now result in the query plan to show up in the Viewer, like this: <img width="454" alt="image" src="https://github.com/user-attachments/assets/c32d8d6e-6e7b-4439-a22f-a37dd905207f" /> Test tags: `@:console`
diff --git a/src/vs/base/browser/positron/renderHtml.tsx b/src/vs/base/browser/positron/renderHtml.tsx
@@ -1,5 +1,5 @@
 /*---------------------------------------------------------------------------------------------
- *  Copyright (C) 2024 Posit Software, PBC. All rights reserved.
+ *  Copyright (C) 2024-2025 Posit Software, PBC. All rights reserved.
  *  Licensed under the Elastic License 2.0. See LICENSE.txt for license information.
  *--------------------------------------------------------------------------------------------*/
 
@@ -24,6 +24,11 @@ interface HTMLRendererOptions {
 /**
  * Renders HTML to React elements.
  *
+ * Since throwing an exception here will cause the entire React render to fail,
+ * this component renders any errors instead of throwing them. This means that
+ * rendering invalid HTML may produce a rendered error instead of the expected
+ * content.
+ *
  * @param html A string of untrusted HTML.
  * @param opts Options for rendering the HTML.
  * @returns A React element containing the rendered HTML.
@@ -35,10 +40,22 @@ export const renderHtml = (html: string, opts: HTMLRendererOptions = {}): React.
 	//
 	// Because this code must run in a very strict security context, we cannot
 	// use parsers that rely on `innerHTML` or `DOMParser`.
-	const parsedContent = parseHtml(html);
+	let parsedContent = [];
+	try {
+		parsedContent = parseHtml(html);
+	} catch (e) {
+		// If the HTML is invalid, render an error message.
+		const errorMessage = e instanceof Error ? e.message : e.toString();
+		return <div className='error'>{errorMessage}</div>;
+	}
 
 	// If there are component over-rides, use those to render the applicable elements.
 	function createElement(name: string, attrs: React.DOMAttributes<HTMLElement>, children?: (React.ReactNode | string)[] | React.ReactNode | string) {
+		// Don't try to create elements for tags that start with ! (such as
+		// <!DOCTYPE html>).
+		if (name && name[0] === '!') {
+			return undefined;
+		}
 		const Component = opts.componentOverrides?.[name] || name;
 		return React.createElement(Component, attrs, children);
 	}
@@ -78,7 +95,6 @@ export const renderHtml = (html: string, opts: HTMLRendererOptions = {}): React.
 				}
 			}
 		} else if (node.type === 'tag') {
-			// Create a React element for the tag.
 			return createElement(node.name!, node.attrs!);
 		} else {
 			// We don't render other types of nodes.
@@ -87,7 +103,14 @@ export const renderHtml = (html: string, opts: HTMLRendererOptions = {}): React.
 	};
 
 	// Render all the nodes.
-	const renderedNodes = parsedContent.map(renderNode);
+	let renderedNodes = [];
+	try {
+		renderedNodes = parsedContent.map(renderNode);
+	} catch (e) {
+		// Show any errors that occur during rendering.
+		const errorMessage = e instanceof Error ? e.message : e.toString();
+		return <div className='error'>{errorMessage}</div>;
+	}
 
 	return <div>{renderedNodes}</div>;
 };
diff --git a/src/vs/workbench/api/browser/positron/mainThreadLanguageRuntime.ts b/src/vs/workbench/api/browser/positron/mainThreadLanguageRuntime.ts
@@ -817,10 +817,12 @@ class ExtHostLanguageRuntimeSessionAdapter implements ILanguageRuntimeSession {
 		if (mimeTypes.includes('text/html')) {
 			// Check to see if there are any tags that look like they belong in
 			// a standalone HTML document.
-			if (/<(script|html|body|iframe)/.test(message.data['text/html'])) {
+			const htmlContent = message.data['text/html'];
+			if (/<(script|html|body|iframe|!DOCTYPE)/.test(htmlContent)) {
 				// This looks like standalone HTML.
-				if (message.data['text/html'].includes('<table')) {
-					// Tabular data? Probably best in the Viewer pane.
+				if (htmlContent.includes('<table') ||
+					htmlContent.includes('<!DOCTYPE')) {
+					// Tabular data or document? Probably best in the Viewer pane.
 					return RuntimeOutputKind.ViewerWidget;
 				} else {
 					// Guess that anything else is a plot.
diff --git a/src/vs/workbench/services/positronConsole/browser/positronConsoleService.ts b/src/vs/workbench/services/positronConsole/browser/positronConsoleService.ts
@@ -1545,7 +1545,8 @@ class PositronConsoleInstance extends Disposable implements IPositronConsoleInst
 					if (htmlContent.indexOf('<script') >= 0 ||
 						htmlContent.indexOf('<body') >= 0 ||
 						htmlContent.indexOf('<html') >= 0 ||
-						htmlContent.indexOf('<iframe') >= 0) {
+						htmlContent.indexOf('<iframe') >= 0 ||
+						htmlContent.indexOf('<!doctype') >= 0) {
 						// We only want to render HTML fragments for now; if it has
 						// scripts or looks like it is a self-contained document,
 						// hard pass. In the future, we'll need to render those in a
