Bug #73620

HTML-tags are visible in tables (Content)

Added by Matthias Greiling about 5 years ago. Updated about 5 years ago.

Status:
Closed
Priority:
Could have
Assignee:
-
Category:
Frontend
Target version:
Start date:
2016-02-23
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
6.2
PHP Version:
5.6
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

Since 6.2.16 HTML-Tags in <table> were translated to <> so they are visible in the frontend.
Is this an intended behaviour?
Images with caption are wrapped with <table> - so nested tags like <span> in <caption> are also visible.

#1

Updated by Andreas Fernandez about 5 years ago

  • Status changed from New to Needs Feedback

You mean you see the HTML in the frontend? Yes, this is intended to improve security as this is basically XSS. Please head to the security bulletin: https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-013/

This TS should revert to the old behaviour:

tt_content.table {
    20.innerStdWrap.parseFunc =< lib.parseFunc
    20.innerStdWrap.htmlSpecialChars >
}

#2

Updated by Matthias Greiling about 5 years ago

thanks a lot!

#3

Updated by Andreas Fernandez about 5 years ago

  • Status changed from Needs Feedback to Closed

Also available in: Atom PDF