[TYPO3-core] RFC #15635: Bug: XHTML validity of backend when sys_action is loaded
Helmut Hummel
helmut at typo3.org
Fri Sep 3 20:36:47 CEST 2010
Hi Ernesto,
On 03.09.10 19:53, Ernesto Baschny [cron IT] wrote:
>
> Problem:
> sys_action is able to generate links for the backend.php toolbar. The
> links with a href and "&" parameters, but this is not properly escaped
> (htmlspecialchars missing).
>
> Solution:
> Escape the links, so that that part gets XHTML valid.
+1 by reading (nobrainer imho)
Regards Helmut
More information about the TYPO3-team-core
mailing list