Details
Description
Problem
The Tooltip created as mitigation for CVE-2021-42574, has some issues using Chrome. There are specific scenarios which the BIDI characters are highlighted but the tooltip is not available.
Environment
Bitbucket 7.14.4
Chrome
Steps to Reproduce
- Upload the attached files to Bitbucket
- On Bitbucket UI, go the repository and open the CodeMirror.java
- Try to get the tooltip on lines 7 and 17
- Go back and open the CodeMirror.txt
- Try to get the tooltip on lines 7 and 17
Expected Results
The tooltip should work properly for all the five BIDI characters from both files
Actual Results
Despite the fact all the five BIDI characters from this sample java file are highlighted, the first one from line 7 and the one from line 17 does not show the tooltip. The same behavior does not happen with the sample text file. Both files have the same contents, the only difference is one has .java extension and the other .txt
Workaround
Use a different browser. The use case was tested using Mozilla Firefox and Safari, and for both browsers the outcome was different from Chrome, the tooltip worked as expected there.
Notes