[TYPO3-dam-devel] RFC #13468: Title with qoutes gets truncated
Uschi Renziehausen
typo3news at otherone.de
Thu Feb 18 18:19:18 CET 2010
Hi Chris,
what will happen if you allow html in the title?
Uschi
Chris Müller schrieb:
> REMINDER #1
>
> Addition - Steps to reproduce:
> 1. Give a file the title: hello "quotes"
> 2. Click on the "Rename" icon of that file
> 3. The title in the input field is truncated: hello
>
> This is because the title isn't filtered by htmlspecialchars()
>
> C'mon, it's a no-brainer...
>
> Am 08.02.2010 20:20, schrieb Chris Müller:
>> This is a SVN patch request.
>>
>> Branches:
>> Trunk and 1.1
>>
>> Reference:
>> http://bugs.typo3.org/view.php?id=13468
>>
>> Problem:
>> If you have a title with quotes in the meta information the title gets
>> truncated if you choose "Rename". This is because the title isn't quoted.
>>
>> Solution:
>> Filter the title through htmlspecialchars.
>>
>> Regards,
>> Chris.
>
More information about the TYPO3-team-dam
mailing list