[TYPO3-core] RFC #15587: Bug: htmlspecialchars called twice
Susanne Moog
typo3 at susannemoog.de
Fri Nov 5 19:52:22 CET 2010
On 30.10.2010 09:52, Mikkel Ricky wrote:
> This is an SVN patch request.
>
> Type: Bugfix
>
> Bugtracker references: http://bugs.typo3.org/view.php?id=15587
>
> Branches: TYPO3_4-4 & trunk
>
> Problem: urls to external css and javascript resources include via
> PAGE.includeCSS/includeJS are passed through htmlspecialchars twice
>
> Solution:
> In "typo3/sysext/cms/tslib/class.tslib_pagegen.php" all htmlspecialchars
> calls are removed from arguments in method calls to
>
> * t3lib_PageRenderer::addCssFile
> * t3lib_PageRenderer::addJsLibrary
> * t3lib_PageRenderer::addJsFooterLibrary
> * t3lib_PageRenderer::addJsFile
> * t3lib_PageRenderer::addJsFooterFile
>
> In "t3lib/class.t3lib_pagerenderer.php" additional htmlspecialchars
> calls are added when rendering html output, i.e. *all* attribute values
> are sent through htmlspecialchars().
+1 by reading and testing (with the example path to a css from bug tracker)
Susanne
--
What's worth the price is always worth the fight
Every second counts 'cause there's no second try
TYPO3 Core Team Member
More information about the TYPO3-team-core
mailing list