[TYPO3-core] RFC #15587: Bug: htmlspecialchars called twice
Mikkel Ricky
mikkel at mikkelricky.dk
Sat Oct 30 09:52:05 CEST 2010
This is an SVN patch request.
Type: Bugfix
Bugtracker references: http://bugs.typo3.org/view.php?id=15587
Branches: TYPO3_4-4 & trunk
Problem: urls to external css and javascript resources include via
PAGE.includeCSS/includeJS are passed through htmlspecialchars twice
Solution:
In "typo3/sysext/cms/tslib/class.tslib_pagegen.php" all htmlspecialchars
calls are removed from arguments in method calls to
* t3lib_PageRenderer::addCssFile
* t3lib_PageRenderer::addJsLibrary
* t3lib_PageRenderer::addJsFooterLibrary
* t3lib_PageRenderer::addJsFile
* t3lib_PageRenderer::addJsFooterFile
In "t3lib/class.t3lib_pagerenderer.php" additional htmlspecialchars
calls are added when rendering html output, i.e. *all* attribute values
are sent through htmlspecialchars().
Best regards,
Mikkel Ricky
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: patch_15587.diff
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20101030/02ee4394/attachment.asc>
More information about the TYPO3-team-core
mailing list