From f36da6f839030923ee09de1470cad98f5ae0b50e Mon Sep 17 00:00:00 2001
From: Sergei Maertens <sergei@maykinmedia.nl>
Date: Mon, 6 Jan 2025 15:32:54 +0100
Subject: [PATCH] :bug: [#4978] Fix accidental HTML escaping in summary
 PDF/confirmation email

While the component/formatter properly takes care of conditional
escaping by leveraging format_html and friends, the post-processor
was converting the SafeString into a regular string again by doing
string-interpolation for the file names, which leads to the full
result being HTML escaped again.

In HTML mode, the prefix 'attachment' is now dropped, as the markup and
context of the label/field should provide sufficient information and
the 'attachment:' prefix looks odd in combination with the <ul> markup.
---
 src/openforms/emails/tests/test_confirmation_email.py |  4 +---
 src/openforms/formio/formatters/formio.py             | 10 +++++++---
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/src/openforms/emails/tests/test_confirmation_email.py b/src/openforms/emails/tests/test_confirmation_email.py
index 34f18a53f0..c6f0028c0d 100644
--- a/src/openforms/emails/tests/test_confirmation_email.py
+++ b/src/openforms/emails/tests/test_confirmation_email.py
@@ -227,9 +227,7 @@ def test_attachment(self):
         self.assertTagWithTextIn("td", "Last name", rendered_content)
         self.assertTagWithTextIn("td", "Doe", rendered_content)
         self.assertTagWithTextIn("td", "File", rendered_content)
-        self.assertTagWithTextIn(
-            "td", _("attachment: %s") % "my-image.jpg", rendered_content
-        )
+        self.assertTagWithTextIn("td", "my-image.jpg", rendered_content)
 
     @patch(
         "openforms.emails.templatetags.appointments.get_plugin",
diff --git a/src/openforms/formio/formatters/formio.py b/src/openforms/formio/formatters/formio.py
index 4069e1e23f..b0b29b28a0 100644
--- a/src/openforms/formio/formatters/formio.py
+++ b/src/openforms/formio/formatters/formio.py
@@ -81,10 +81,14 @@ def normalise_value_to_list(self, component: Component, value: Any):
             return value
 
     def process_result(self, component: Component, formatted: str) -> str:
-        # prefix joined filenames to match legacy
-        if formatted:
+        if not formatted:
+            return ""
+
+        # Make sure we don't mangle safe-strings!
+        if self.as_html:
+            return formatted
+        else:
             return _("attachment: %s") % formatted
-        return formatted
 
     def format(self, component: Component, value: dict) -> str:
         # this is only valid for display to the user (because filename component option, dedupe etc)