Bug #28536
JSwindow-typolink URLs are encoded twice with htmlspecialchars()
| Status: | Resolved | Start date: | 2011-07-28 | |
|---|---|---|---|---|
| Priority: | Must have | Due date: | ||
| Assignee: | Helmut Hummel | % Done: | 100% |
|
| Category: | Content Rendering | |||
| Target version: | 4.5.5 | |||
| TYPO3 Version: | 4.5 | Complexity: | ||
| PHP Version: | ||||
| Votes: | 0 |
Description
#28189 introduces a bug in JSwindow-typolink URLs, which are being encoded twice with htmlspecialchars().
In "class.tslib_content.php" line 5905 t3lib_div::quoteJSvalue is called, which does htmlspecialchars() on the final URL. Then, in line 5908 again htmlspecialchars() is called for the same URLs, which already has been encoded in line 5905.
This results in non working URLs with double ampersands like this:
www.domain.tld/index.php?id=1&parameter1&parameter2
Removing the htmlspecialchars() in line 5905 resolves the problem.
Related issues
Associated revisions
[BUGFIX] JSwindow-typolink URLs are encoded twice
In #28189 a bug was introduced for JSwindow-typolink URLs.
Because t3lib_div::quoteJSvalue is called without second paramter,
the value passed to it will also be encoded with htmlspecialchars()
which is then done a second time when putting the link together.
Change the t3lib_div::quoteJSvalue call to not encode
the result with htmlspecailchars()
Resolves: #28536
Related: #28189
Releases: 4.3, 4.4, 4.5, 4.6
Change-Id: If6bcad4d2bf1e0a4b3f5a6f04e4718df8e4e7150
Reviewed-on: http://review.typo3.org/3901
Reviewed-by: Torben Hansen
Tested-by: Torben Hansen
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
[BUGFIX] JSwindow-typolink URLs are encoded twice
In #28189 a bug was introduced for JSwindow-typolink URLs.
Because t3lib_div::quoteJSvalue is called without second paramter,
the value passed to it will also be encoded with htmlspecialchars()
which is then done a second time when putting the link together.
Change the t3lib_div::quoteJSvalue call to not encode
the result with htmlspecailchars()
Resolves: #28536
Related: #28189
Releases: 4.3, 4.4, 4.5, 4.6
Change-Id: If6bcad4d2bf1e0a4b3f5a6f04e4718df8e4e7150
Reviewed-on: http://review.typo3.org/3913
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
[BUGFIX] JSwindow-typolink URLs are encoded twice
In #28189 a bug was introduced for JSwindow-typolink URLs.
Because t3lib_div::quoteJSvalue is called without second paramter,
the value passed to it will also be encoded with htmlspecialchars()
which is then done a second time when putting the link together.
Change the t3lib_div::quoteJSvalue call to not encode
the result with htmlspecailchars()
Resolves: #28536
Related: #28189
Releases: 4.3, 4.4, 4.5, 4.6
Change-Id: If6bcad4d2bf1e0a4b3f5a6f04e4718df8e4e7150
Reviewed-on: http://review.typo3.org/3914
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
[BUGFIX] JSwindow-typolink URLs are encoded twice
In #28189 a bug was introduced for JSwindow-typolink URLs.
Because t3lib_div::quoteJSvalue is called without second paramter,
the value passed to it will also be encoded with htmlspecialchars()
which is then done a second time when putting the link together.
Change the t3lib_div::quoteJSvalue call to not encode
the result with htmlspecailchars()
Resolves: #28536
Related: #28189
Releases: 4.3, 4.4, 4.5, 4.6
Change-Id: If6bcad4d2bf1e0a4b3f5a6f04e4718df8e4e7150
Reviewed-on: http://review.typo3.org/3915
Reviewed-by: Helmut Hummel
Tested-by: Helmut Hummel
History
Updated by Helmut Hummel almost 2 years ago
- Status changed from New to Accepted
- Assignee set to Helmut Hummel
Confirmed :(
Updated by Torben Hansen almost 2 years ago
Thanks! Patch is working.
Updated by Mr. Hudson almost 2 years ago
Patch set 1 of change If6bcad4d2bf1e0a4b3f5a6f04e4718df8e4e7150 has been pushed to the review server.
It is available at http://review.typo3.org/3901
Updated by Helmut Hummel almost 2 years ago
Steps to reproduce:
1. Use the following Typoscript:
lib.printLink = TEXT
lib.printLink {
value = Print Page
htmlSpecialChars = 1
typolink.parameter = # 800x600:scrollbars=yes
typolink.additionalParams = &print=1
typolink.addQueryString = 1
}
page.1 < lib.printLink
2. Click on the link
Updated by Anonymous almost 2 years ago
- Status changed from Accepted to Resolved
- % Done changed from 0 to 100
Applied in changeset 423fc9e1dabbfe3fd9f9c24dae94d06f139126e4.
Updated by Steffen Gebert almost 2 years ago
- Status changed from Resolved to Under Review
Updated by Mr. Hudson almost 2 years ago
Patch set 1 of change If6bcad4d2bf1e0a4b3f5a6f04e4718df8e4e7150 has been pushed to the review server.
It is available at http://review.typo3.org/3913
Updated by Mr. Hudson almost 2 years ago
Patch set 1 of change If6bcad4d2bf1e0a4b3f5a6f04e4718df8e4e7150 has been pushed to the review server.
It is available at http://review.typo3.org/3914
Updated by Mr. Hudson almost 2 years ago
Patch set 1 of change If6bcad4d2bf1e0a4b3f5a6f04e4718df8e4e7150 has been pushed to the review server.
It is available at http://review.typo3.org/3915
Updated by Anonymous almost 2 years ago
- Status changed from Under Review to Resolved
Applied in changeset 2dd253db4285f2c51653aa6e04909a23c04b4c85.