[TYPO3-ttnews] HTML in subheader_stdWrap.crop = 500 | ...<script>alert('....')</script> | 1
Oliver Rowlands
oliver at liquidlight.co.uk
Mon Jul 30 22:30:47 CEST 2007
Hi Michiel,
I do not quite understand what you are trying to achieve but your
<script> tags are being rendered in this way because they not part of
the allowed tags defined by general_stdWrap.parseFunc (which in turn
inherits this behaviour from lib.parseFunc_RTE).
It will work fine if you replace your <script> tag with any of the
following:
b,i,u,a,img,br,div,center,pre,font,hr,sub,sup,p,strong,em,li,ul,ol,blockquote,strike,span,h1,h2,h3,h4,h5,h6
If you really do want to use a <script> tag try the following TS though
I would *NOT* recommend it as it opens a number of potential security holes:
plugin.tt_news {
displaySingle {
subheader_stdWrap {
crop = 20 | ...<script>alert('theres more!')</script> | 1
}
}
general_stdWrap.parseFunc.allowTags := appendString(,script)
}
Regards,
Oliver
michiel zoer wrote:
> Hello all,
>
> Anyone knows how to do this:
>
> plugin.tt_news.displaySingle.subheader_stdWrap.crop = 500 |
> ...<script>alert('there's more!')</script> | 1
> the text is now rendered as " <script>alert('there's
> more!')</script> "
>
> Thanks!
>
> Michiel Zoer
>
>
--
Oliver Rowlands
:: Liquid Light ::
E - oliver at liquidlight.co.uk
W - http://www.liquidlight.co.uk
T - 00 44 (0)845 6 58 88 35
F - 00 44 (0)845 6 58 44 35
More information about the TYPO3-project-tt-news
mailing list