Project

General

Profile

Actions
Copy link

Bug #72295

closed

No render of HTML TAGs anymore in tables after update from 6.2.15 to 6.2.16

Added by Christoph Kapeller over 8 years ago. Updated over 8 years ago.

Status:
Rejected
Priority:
Won't have this time
Assignee:
-
Category:
Content Rendering
Target version:
6.2.16
Start date:
2015-12-17
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
6.2
PHP Version:
5.5
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

I found a misbehaving on the HTML rendering process...

After updating many TYPO3 installations I came to this misbehaving.
Example source from table: (just a internal link in the table element)

text content|<link 108>this is the link text</link>

renders fine in 6.2.15 but not anymore in 6.2.16
Also any other HTML tag doesnt work any more - like: <strong> <br> ...

Can someone please have a look into this.

Best regards
chriskapeller

Related issues 2 (0 open2 closed)

Has duplicate TYPO3 Core - Bug #72319: Links in tables not rendered anymoreClosed2015-12-18

Actions
Has duplicate TYPO3 Core - Bug #72443: ce image: html tags within image description are rendered improperlyRejected2015-12-26

Actions
Actions
Copy link
 #1

Updated by Andreas Kienast over 8 years ago

  • Status changed from New to Closed

Please read this security bulletin for the 6.2.16 and 7.6.1 release. What you do is basically XSS which is prevented now. You may revert the change for tt_content.table in your local TS.

Actions
Copy link
 #2

Updated by Christoph Lehmann over 8 years ago

Also empty cells now contain an  

Here is a patch which reverts such changes

--- typo3_src-6.2.16/typo3/sysext/css_styled_content/static/setup.txt    2015-12-15 13:50:49.000000000 +0100
+++ typo3_src-6.2.15/typo3/sysext/css_styled_content/static/setup.txt    2015-12-17 14:41:11.000000000 +0100
@@ -747,7 +747,7 @@ tt_content.image.20 {
         altText = TEXT
         altText {
             data = file:current:alternative
-            htmlSpecialChars = 1
+            stripHtml = 1
         }

         titleText < .altText
@@ -793,7 +793,7 @@ tt_content.image.20 {
             1 {
                 data = file:current:description
                 required = 1
-                htmlSpecialChars = 1
+                parseFunc =< lib.parseFunc
                 br = 1
             }
         }
@@ -1187,11 +1187,11 @@ tt_content.bullets {
             token.char = 10
             cObjNum = |*|1|| 2|*|
             1.current = 1
-            1.htmlSpecialChars = 1
+            1.parseFunc =< lib.parseFunc
             1.wrap = <li class="odd">|</li>

             2.current = 1
-            2.htmlSpecialChars = 1
+            2.parseFunc =< lib.parseFunc
             2.wrap = <li class="even">|</li>
         }
         dataWrap = <ul class="csc-bulletlist csc-bulletlist-{field:layout}">|</ul>
@@ -1406,7 +1406,7 @@ tt_content.table {
         cellspacing =
     }
     20.innerStdWrap.wrap = |
-    20.innerStdWrap.htmlSpecialChars = 1
+    20.innerStdWrap.parseFunc = < lib.parseFunc

     20.stdWrap {
         editIcons = tt_content: cols, bodytext, [layout], [table_bgColor|table_border|table_cellspacing|table_cellpadding]
Actions
Copy link
 #3

Updated by Christoph Kapeller over 8 years ago

Hi Andreas, thanks for the info - I just did not read the bulletin very well. I did change the TS and YES it works.
But I found out that normal HTML markup works but the TYPO3 <link 67> does not.

chriskapeller

Actions
Copy link
 #4

Updated by Andreas Kienast over 8 years ago

Hi Christoph,

this is the commit you have to revert locally in your own TS which should recover your previous functionality.

Actions
Copy link
 #5

Updated by Anja Leichsenring over 8 years ago

  • Status changed from Closed to Rejected
  • Priority changed from -- undefined -- to Won't have this time
Actions
Copy link

Also available in: Atom PDF