Project

General

Profile

Actions
Copy link

Bug #51440

closed

htmlSpecialChars not working for typolink.returnLast = url

Added by Henrik Ziegenhain about 11 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Must have
Assignee:
-
Category:
TypoScript
Target version:
-
Start date:
2013-08-28
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
6.1
PHP Version:
5.3
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

It is not possible to escape special chars like "&" in a returned URL when you are working with additionalParams.

The following is not working

 10 = TEXT
 10 {
   typolink{
     parameter = 79
     additionalParams = &tx_indexedsearch_pi2[action]=search&tx_indexedsearch_pi2[controller]=Search
     additionalParams.stdWrap.htmlSpecialChars = 1
     returnLast = url
   }
   wrap = <form action="|" method="post" name="searchform" id="tx_indexedsearch">
  }

The generated HTML is the following

<form action="index.php?id=79&amp%3Btx_indexedsearch_pi2%5Baction%5D=search&amp%3Btx_indexedsearch_pi2%5Bcontroller%5D=Search" method="post" name="searchform" id="tx_indexedsearch">

As you see, the & is transformed to &amp - the semicolon is missing.

If you remove the htmlSpecialChars = 1 from above completly the generated HTML is 

<form action="index.php?id=79&tx_indexedsearch_pi2%5Baction%5D=search&tx_indexedsearch_pi2%5Bcontroller%5D=Search" method="post" name="searchform" id="tx_indexedsearch">

This is also not valid HTML.

Why is $this->lastTypoLinkUrl in \TYPO3\CMS\Frontend\ContentObject\ContentObjectRenderer not htmlspecialchared directly before returning? Are there any sideeffects?

Actions
Copy link
 #1

Updated by Riccardo De Contardi almost 10 years ago

Still present in TYPO3 6.2.9

Actions
Copy link
 #2

Updated by Riccardo De Contardi over 9 years ago

  • Is Regression set to No

still present on 6.2.14 and 7.4-dev (latest master)

Actions
Copy link
 #3

Updated by Riccardo De Contardi over 8 years ago

also present on 8.2-dev (latest master)

Actions
Copy link
 #4

Updated by Riccardo De Contardi over 5 years ago

I tried to test this issue on the latest master (10.0.0-dev) and these are the results:

with htmlSpecialChars = 1

<form action="/my-page?amp%3Btx_indexedsearch_pi2%5Baction%5D=search&amp%3Btx_indexedsearch_pi2%5Bcontroller%5D=Search&cHash=3e0def5a77e10e54118bad82257cadc9" method="post" name="searchform" id="tx_indexedsearch">

as you can see, the first "&" becomes just "amp"

with htmlSpecialChars =0

<form action="/my-page?tx_indexedsearch_pi2%5Baction%5D=search&tx_indexedsearch_pi2%5Bcontroller%5D=Search&cHash=dc77db77ac481385ad827619604dda7d" method="post" name="searchform" id="tx_indexedsearch">

please take note that the W3C validator https://validator.w3.org/ considers this second form valid.

Actions
Copy link
 #5

Updated by Benni Mack over 5 years ago

  • Status changed from New to Needs Feedback

Question is if you want to HSC or if you want to urlencode the additional parameters?

Actions
Copy link
 #6

Updated by Benni Mack over 4 years ago

  • Status changed from Needs Feedback to Closed

Hey Henrik,
I'm closing this one now due to lack of feedback. Let me know (via Slack, Chat or in this issue) if I should re-open the issue once you provide more input.

Actions
Copy link

Also available in: Atom PDF