Bug #79608
closed
Wrong handling with html tags in EXT:form
Added by Georg Ringer about 7 years ago.
Updated almost 6 years ago.
Description
EXT:form strips html tags all over the place instead of properly escaping it.
- If html tags (or special chars) are not allowled, like in the name of the form or elements, those should also not allowed to be entered
- if HTML tags should be possible (especially in fields like static text), those should be possible to be entered
- Status changed from Accepted to Needs Feedback
- Assignee set to Georg Ringer
Just to get you right, allow us some questions. We do not want to store any HTML tags within the form elements. Especially, the "static text" element should only store plain text without any HTML data. If a special format is needed, the people should use the form element called "Content element".
Could you please explain your concern in more detail? Do you want us to remove any HTML formatting while entering the data into the property fields?
Another issue with any < or > in form names is discussed in more #80343.
- Status changed from Needs Feedback to Under Review
- Sprint Focus set to Remote Sprint
I came across this, while trying to build a form element that allows to insert HTML code instead of plain text. That could be very useful, if you e.g. need to display a list within the form.
Creating a content element and then link to it in just on form is overkill.
- Sprint Focus deleted (
Remote Sprint)
- Status changed from Under Review to Closed
- Assignee deleted (
Georg Ringer)
We continue this topic with a different solution: #84849. I am closing this issue in favor of #84849.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by