[TYPO3-core] RFC #15635: Bug: XHTML validity of backend when sys_action is loaded
Ernesto Baschny [cron IT]
ernst at cron-it.de
Fri Sep 3 19:53:47 CEST 2010
Hi,
This is a SVN patch request.
Type: Bugfix
BT reference: http://bugs.typo3.org/view.php?id=15635
Branches: trunk, TYPO3-4_4, TYPO3-4_3
Problem:
sys_action is able to generate links for the backend.php toolbar. The
links with a href and "&" parameters, but this is not properly escaped
(htmlspecialchars missing).
Solution:
Escape the links, so that that part gets XHTML valid.
How to test:
Install the sys_action extension. Add some actions. And reload the
backend. The backend becomes XHTML invalid.
Cheers,
Ernesto
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 15635.diff
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20100903/a1dee037/attachment.asc>
More information about the TYPO3-team-core
mailing list