Bug #72948

Special characters in Flashmessages are converted to HTML entities twice

Added by Marco Huber over 5 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2016-01-26
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
7
PHP Version:
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

In TYPO3\CMS\Backend\Controller\EditDocumentController::makeEditForm() line 1095 the message which is shown if somebody else edits the current record, is sent through htmlspecialchars.
In TYPO3\CMS\Core\Messaging\FlashMessageQueue::renderFlashMessages() the message is sent through htmlspecialchars, too.


Related issues

Related to TYPO3 Core - Task #72438: Remove deprecated code from FlashMessageClosedMichael Oehlhof2015-11-20

Actions
#1

Updated by Marco Huber over 5 years ago

This happens everywhere where TYPO3\CMS\Core\Messaging\FlashMessage::render() is replaced by TYPO3\CMS\Core\Messaging\FlashMessageService and TYPO3\CMS\Core\Messaging\FlashMessageQueue.

#2

Updated by Gerrit Code Review over 5 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/46245

#3

Updated by Marco Huber over 5 years ago

This is the regex I used:

FlashMessage::class,(\r\n?|\n)*?.*?htmlspecialchars
#4

Updated by Gerrit Code Review over 5 years ago

Patch set 1 for branch TYPO3_7-6 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/46301

#5

Updated by Marco Huber over 5 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
#6

Updated by Benni Mack over 2 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF