Bug #72443
closed
ce image: html tags within image description are rendered improperly
Added by Stefan Padberg over 8 years ago.
Updated over 8 years ago.
Priority:
Won't have this time
Description
In TYPO3 6.2.17 HTML tags in the description field of an image are rendered improperly: The brackets of the tags are coded to < and >
Until Version 6.2.15 this was not the case. Please fall back to the former way of rendering.
- Description updated (diff)
- Status changed from New to Closed
- Status changed from Closed to Rejected
- Priority changed from Must have to Won't have this time
I understand your intentions but I have no possiblity to re-activate the insertion of proper HTML content as described in the above link. In all my 6.2.17 installation I find the following Typoscript settings which are the wellknown ones. There is no parseFunc call and no stripHTML call:
[caption]
[1] = COA
[1] = TEXT
[data] = file:current:description
[required] = 1
[htmlSpecialChars] = 1
[br] = 1
This Typoscript is not working correctly anymore. So for me this is a bug.
I checked the source code of my installations. All Css_styled_content extensions contain the above TS. Is it possible that old Css_styled_content is mixed in the 6.2.17? Or is Css_styled_content not updated automatically?
everthing alright. I missunderstood some thing. can be closed
Hi everybody,
I can understand the need to disable html-code in fields like the image description for security reasons. But for some editors it is useful and neccessary to use html-code inside that field.
So I changed the TypoScript settings back prior to 6.2.16, but added a userPostFunc to remove XSS.
Here is my code:
tt_content.image.20.caption.1.1 {
parseFunc = < lib.parseFunc
htmlSpecialChars = 0
stdWrap.postUserFunc = TYPO3\CMS\Core\Utility\GeneralUtility->removeXSS
}
Wouldn't that be a way to provide the old functionality for editors while minimzing XSS-possibilities?
Please correct me, if my solution is insecure.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by