Bug #33651
closed
closing textarea tag on html element in backend closes the textarea itself.
Added by Martin Braun almost 13 years ago.
Updated about 6 years ago.
Description
By adding HTML content in the backend (HTML element) that contains "</textarea>", the save will go through.
However, when trying to reload/edit the HTML element in the backend, the "</textarea>" (which is part of the user's/admin's own content) actually closes the textarea of the backend form itself.
The content will be cut off in the backend editor.
Same bug still exists in TYPO3 4.7 and is IMHO a major risk. Additionally, the closing </textarea> can be used to manipulate the TYPO3 backend and also to include foreign code using iframes. Please take a look at the attached screenshot.
Here is the code if you want to reproduce this issue:
<form onsubmit="" method="post" action="http://www.web-vision.de/">
<input type="hidden" value="true" name="bulk">
<input type="hidden" value="1" name="register">
<input type="hidden" value="14" name="domain_cat">
<!-- the </textarea> on the next line also closes the backend form's own editor textarea -->
Domain: <textarea name="sld"></textarea>
<!-- from here on the content is rendered as backend markup instead of as editor text -->
<h1>Now I can manipulate the TYPO3 Backend</h1>
<iframe src="/robots.txt" style="width:200px; height:200px;"></iframe>
<input type="checkbox" value="HERE GOES MY CONTENT"/>
<input type="submit" value="SUBMIT"/>
</form>
Also this breaks the frontend output of the website.
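The description and the repro above are the whole mechanism: the backend writes the stored field value into its editor <textarea> without escaping, and an HTML parser treats textarea content as RCDATA, which ends at the first "</textarea" end tag (everything after it is parsed as markup again). The following is an added example, not code from TYPO3 or from this ticket, and the actual change TYPO3 made for this bug is not shown on this page. It renders the editor field once verbatim and once with HTML-escaped output, then feeds both through a minimal model of that parser rule. The function names, the field name "bodytext" and the payload (constructed from the repro above) are assumptions for the illustration. Node.js, no dependencies.

```javascript
// Added example (not TYPO3's code): why a stored "</textarea>" breaks the
// backend editor, and why escaping the value on output fixes it.

// Constructed payload, modelled on the repro posted in the ticket.
const payload = [
  '<form method="post" action="http://www.web-vision.de/">',
  'Domain: <textarea name="sld"></textarea>',
  '<h1>Now I can manipulate the TYPO3 Backend</h1>',
  '<iframe src="/robots.txt"></iframe>',
  '</form>',
].join('\n');

// Vulnerable rendering: the stored value is dropped into the editor textarea verbatim.
function renderFieldUnsafe(fieldName, value) {
  return `<textarea name="${fieldName}">${value}</textarea>`;
}

// Escape the characters that matter inside RCDATA and attribute values.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Fixed rendering: escape on output, so the value can never contain a literal "</textarea".
function renderFieldSafe(fieldName, value) {
  return `<textarea name="${escapeHtml(fieldName)}">${escapeHtml(value)}</textarea>`;
}

// Single-pass decoding of the references escapeHtml() produces (what the browser
// does with RCDATA before it becomes the textarea's value).
function decodeEntities(s) {
  const map = { amp: '&', lt: '<', gt: '>', quot: '"', '#39': "'" };
  return s.replace(/&(amp|lt|gt|quot|#39);/g, (m, name) => map[name]);
}

// Minimal model of how an HTML parser handles the first <textarea> in a document:
// the value is the RCDATA up to the first "</textarea" end tag (case-insensitive);
// whatever follows that end tag is parsed as ordinary markup.
function textareaValueAsBrowserSees(html) {
  const open = html.match(/<textarea\b[^>]*>/i);
  if (!open) return null;
  const start = open.index + open[0].length;
  const rest = html.slice(start);
  const close = rest.match(/<\/textarea\s*>/i);
  if (!close) {
    return { value: decodeEntities(rest), leakedMarkup: '' };
  }
  return {
    value: decodeEntities(rest.slice(0, close.index)),
    leakedMarkup: rest.slice(close.index + close[0].length),
  };
}

// Stand-alone demo: compare what the editor would show for both renderings.
const unsafe = textareaValueAsBrowserSees(renderFieldUnsafe('bodytext', payload));
const safe = textareaValueAsBrowserSees(renderFieldSafe('bodytext', payload));
console.log('unsafe editor value:\n' + unsafe.value);
console.log('unsafe markup leaked into the backend page:\n' + unsafe.leakedMarkup);
console.log('safe render round-trips the content:', safe.value === payload);
```

The unescaped render cuts the editor value off right after the content's own `<textarea name="sld">`, and the `<h1>` and `<iframe>` that follow end up as live backend markup, which is exactly the screenshot described above; the escaped render round-trips the content byte for byte and leaks nothing. Escaping the stored value on output (not on save) is the fix, because the same stored content must still be emitted raw in the frontend where the HTML element is meant to be rendered.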
- Assignee deleted (Helmut Hummel)
Boris Hinzer wrote:
Same bug still exists in TYPO3 4.7 and is IMHO a major risk.
If you allow someone to use the HTML element, you must trust that person, this bug present or not. I could put arbitrary JavaScript in that element, which is then rendered in the frontend. With that I could also do everything in case a logged in user visits that page.
So yes, this bug needs to be fixed, but it does not add additional risks to a TYPO3 installation.
This bug is very, very bad and should be fixed in 4.7. No more HTML with a textarea element is possible. TYPO3 saves the correct code one time, but it displays a destroyed version. So, if you save again, the HTML code is broken.
We chose 4.7 because it's LTS. We had better have taken 4.5 from the Ubuntu repos... But here's a hint for everybody having the same problem. Just add the textarea element via the template with a little bit of JavaScript and a <div id="placeholder"></div> container:
page.headerData.31 = TEXT
page.headerData.31.value (
<script type="text/javascript">
// Creates the textarea at runtime, so no "</textarea>" has to be stored in the HTML element.
function AddTextArea()
{
  var area = document.createElement('textarea');
  // appendChild() returns the node that was appended
  var element = document.getElementById('placeholder').appendChild(area);
  element.setAttribute('name', 'comment');
  element.setAttribute('cols', '40');
  element.setAttribute('rows', '10');
  element.setAttribute('wrap', 'virtual');
}
</script>
)
page.bodyTag = <body onload="AddTextArea();">
- Status changed from New to Under Review
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
- Status changed from Resolved to Closed