Feature #14315
closed
ampersands in url parameters are 'cleaned' by xhtml_cleaning
0%
Description
If xhtml_cleaning is activated, the urls in a frameset look like src='index.php?id=2&type=2' , so the second parameter is not recognized. If I deactivate xhtml_cleaning it looks like src='index.php?id=2&type=2' and all is fine. So it seems. the ampersand is replaced twice.
I found postings in the forum from people having trouble with passing parameters in urls with xhtml_cleaning activated.
I could fix it, by inserting two lines in the bidir_htmlspecialchars function in class.t3lib_parsehtml.php to exclude the ampersand entity from being parsed with htmlspecialchar:
function bidir_htmlspecialchars($value,$dir) {
if ($dir>0) {
$value = str_replace("&","<amp>",$value); //replacing all & with <amp> (there are no tags in the $value string
$value = htmlspecialchars($value);
$value = str_replace("<amp>","&",$value); //putting & back to it's place
} elseif ($dir<0) {
$value = str_replace(">",">",$value);
$value = str_replace("<","<",$value);
$value = str_replace(""",'"',$value);
$value = str_replace("&","&",$value);
}
return $value;
}
(issue imported from #M358)
Updated by
Updated by Ingmar Schlecht about 19 years ago
NCoDer, please check if this bug still exists in 3.8-dev, because the function bidir_htmlspecialchars has in the meantime been changed to cope with situations like this.
Updated by Mathias Schreiber almost 18 years ago
Closed due to general Bugtracker Cleanup.
TYPO3 Version 3.6.2 will no longer be supported.