Bug #72948
closed
Special characters in Flashmessages are converted to HTML entities twice
100%
Description
In TYPO3\CMS\Backend\Controller\EditDocumentController::makeEditForm() line 1095 the message which is shown if somebody else edits the current record, is sent through htmlspecialchars.
In TYPO3\CMS\Core\Messaging\FlashMessageQueue::renderFlashMessages() the message is sent through htmlspecialchars, too.
Updated by Marco Huber about 8 years ago
This happens everywhere where TYPO3\CMS\Core\Messaging\FlashMessage::render() is replaced by TYPO3\CMS\Core\Messaging\FlashMessageService and TYPO3\CMS\Core\Messaging\FlashMessageQueue.
Updated by Gerrit Code Review about 8 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/46245
Updated by Marco Huber about 8 years ago
This is the regex I used:
FlashMessage::class,(\r\n?|\n)*?.*?htmlspecialchars
Updated by Gerrit Code Review about 8 years ago
Patch set 1 for branch TYPO3_7-6 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/46301
Updated by Marco Huber about 8 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 471f94cdc79b69aa1553c7122ea209282b622376.
Updated by