Adding <script> Tag in pagetitle field
If i add a new page., I just tried to include HTML Code in field "pagetitle". TYPO3 Backend accept this and the Frontend render this HTML Code:
I think HTML is okay, but the <script> Tag is maybe to insecure?
I add this code:
(issue imported from #M8019)
Updated by Guido S. over 13 years ago
I found it in an another way. I change pagetitle in Admin, and i think all is fine. I found no JS Popups in Admin. Where have you found this?
We see the JS Popup in the frontend if TYPO3 generate the menu (special = directory)
<title> use htmlsepcialchars(), thats right