Project

General

Profile

Actions

Bug #54027

closed

htmlspecialchars issue with select fields / filemounts

Added by Alexander Stehlik over 10 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
File Abstraction Layer (FAL)
Target version:
Start date:
2013-11-28
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
6.2
PHP Version:
5.4
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

I'm not sure if this is a general issue or just an issue with filemounts.

When you have a folder with a special character (e.g. &) the value that is stored in the Database is HTML-encoded. The check if a given subfolder / file within the mount is accessible will fail.

When you look at the HTML source of the select field in the Backend, you see that the value is double HTML-encoded. I do not know if this double encoding in the value is intended behavior (which would be strange).

After clarification either the select fields need to be fixed or the filemount folder needs to be HTML-decoded.

Actions #1

Updated by Markus Klein over 10 years ago

  • Category set to File Abstraction Layer (FAL)

IMHO the DB content should not be encoded at all.

Actions #2

Updated by Gerrit Code Review over 10 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/25770

Actions #3

Updated by Steffen Ritter over 10 years ago

We need to have a look form the security side as well...

Actions #4

Updated by Gerrit Code Review over 10 years ago

Patch set 1 for branch TYPO3_6-1 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/26367

Actions #5

Updated by Gerrit Code Review over 10 years ago

Patch set 1 for branch TYPO3_6-0 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/26368

Actions #6

Updated by Alexander Stehlik over 10 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions #7

Updated by Riccardo De Contardi over 6 years ago

  • Status changed from Resolved to Closed
Actions

Also available in: Atom PDF