Ampersand (&) Broken For Months

There are several questions about ampersands dating back to December, 2015.  You can search the forums for "ampersand" to see them all.  The cause of all of these issues (including display, searching, etc.) is that your website is changing the ampersand character (&) into its HTML escape value (&) immediately after someone types it in.  This has the following effects:

1) Searching on a category that has an ampersand will not find results (e.g. "Gas & Fuel" does not match "Gas & Fuel").

2) Descriptions/Payees are not correct in the display (e.g. "Bed Bath & Beyond").

This has nothing to do with browsers, browser versions, or cache.  It was a change made to the code sometime in late November or early December 2015, and is coming from the server side.

This is a huge pain and such an easy thing to fix.  I find it funny that Mint engineers targeted the ampersand character since the escape character also has the ampersand in it (& becomes &).  I can think of no reason that you would need to do this - it has no impact on site security.

Users have already submitted support tickets to Mint, and have also pinged @MintCares on Twitter.  No result.  There are workarounds to search submitted by Mint users that involve manipulating the URL in the address bar, but this does not solve the problem of new categories or descriptions being saved incorrectly.  Here is the link to all of the other related questions, and posts to Twitter:

https://mint.lc.intuit.com/search?q=ampersand

https://twitter.com/search?q=%40MintCares%20ampersand

Hoping for a real response from Mint, but not hopeful.

UPDATE:  The problem is in the library.js Javascript file:

Starting on line 9708 in library.js:

},htmlescape:function(W){return(W+A)[aa](/[&<>"'\/`]/g,this._htmlReplacer)
},_htmlReplacer:function(W){return{"&":"&amp;","<":"&lt;",">":"&gt;",'"':"&quot;","'":"&#x27;","/":"&#x2F;","`":"&#x60;"}[W]
},htmlunescape:function(W){return(W+A)[aa](/&(amp|lt|gt|quot|#x27|#x2F|#x60);/g,this._htmlEntitesReplacer)
},_htmlEntitesReplacer:function(W){return{"&amp;":v,"&lt;":"<","&gt;":">","&quot;":'"',"&#x27;":"'","&#x2F;":ad,"&#x60;":"`"}[W]
},saniCheckInputString:function(W){if(W[x](/\&/g)){W=this.htmlescape(W)

Only the ampersand character is being encoded due to the /\&/g pattern.  None of these other values (<, >, etc.) are being evaluated.

Suggested fix - just get rid of this entire stack.  Not needed. The unescape is never called, and only the & is going through the routine.  A quick fix:

saniCheckInputString:function(W){return;


No answers have been posted

More Actions

People come to Mint for help and answers—we want to let them know that we're here to listen and share our knowledge. We do that with the style and format of our responses. Here are five guidelines:

  1. Keep it conversational. When answering questions, write like you speak. Imagine you're explaining something to a trusted friend, using simple, everyday language. Avoid jargon and technical terms when possible. When no other word will do, explain technical terms in plain English.
  2. Be clear and state the answer right up front. Ask yourself what specific information the person really needs and then provide it. Stick to the topic and avoid unnecessary details. Break information down into a numbered or bulleted list and highlight the most important details in bold.
  3. Be concise. Aim for no more than two short sentences in a paragraph, and try to keep paragraphs to two lines. A wall of text can look intimidating and many won't read it, so break it up. It's okay to link to other resources for more details, but avoid giving answers that contain little more than a link.
  4. Be a good listener. When people post very general questions, take a second to try to understand what they're really looking for. Then, provide a response that guides them to the best possible outcome.
  5. Be encouraging and positive. Look for ways to eliminate uncertainty by anticipating people's concerns. Make it apparent that we really like helping them achieve positive outcomes.

Select a file to attach: