Project

General

Profile

Actions
Copy link

Bug #81806

closed

Unescaped value in FormEngine.removeOption selector query

Added by Pierrick Caillon over 7 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Should have
Assignee:
Wolfgang Klinger
Category:
FormEngine aka TCEforms
Target version:
-
Start date:
2017-07-05
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
7
PHP Version:
5.6
Tags:
JavaScript
Complexity:
easy
Is Regression:
Sprint Focus:
On Location Sprint

Description

I have a form field whose values comes from a list of subscribed classes for some roles.

The flexform TCA for this form field looks like that:

<providers>
    <TCEforms>
        <label>LLL:EXT:my_ext/Resources/Private/Language/locallang.xlf:flexform.sheets.general.providers</label>
        <config>
            <type>select</type>
            <itemsProcFunc>Vendor\MyExt\Flexform\Helper-&gt;renderProviderList</itemsProcFunc>
            <maxitems>100</maxitems>
            <size>4</size>
        </config>
    </TCEforms>
</providers>

The computed items list looks like:

[
    [ 'First provider', 'Vendor\\MyExt\\FirstProvider' ],
    [ 'Second provider', 'Vendor\\MyExt\\SecondProvider' ]
]

Manipulating the form element does not work well.

The issue is removing an element from the selected box is not working. After step by step debugging, it looks like the value $(this).attr('value') needs selector string escaping on line 569 of EXT:backend/Resources/Public/JavaScript/FormEngine.js.

Also affect 8 LTS. The affected code portion is the same. Only one line down.

Actions
Copy link
 #1

Updated by Susanne Moog over 7 years ago

  • Tags set to JaáVht
Actions
Copy link
 #2

Updated by Susanne Moog over 7 years ago

  • Tags changed from JaáVht to JavaScript
  • Sprint Focus set to On Location Sprint
Actions
Copy link
 #3

Updated by Wolfgang Klinger over 7 years ago

  • Assignee set to Wolfgang Klinger
Actions
Copy link
 #4

Updated by Gerrit Code Review over 7 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/53499

Actions
Copy link
 #5

Updated by Gerrit Code Review over 7 years ago

Patch set 1 for branch TYPO3_8-7 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/53557

Actions
Copy link
 #6

Updated by Anonymous over 7 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
Actions
Copy link
 #7

Updated by Gerrit Code Review over 7 years ago

  • Status changed from Resolved to Under Review

Patch set 1 for branch TYPO3_7-6 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/53563

Actions
Copy link
 #8

Updated by Anonymous over 7 years ago

  • Status changed from Under Review to Resolved
Actions
Copy link
 #9

Updated by Gerrit Code Review over 7 years ago

  • Status changed from Resolved to Under Review

Patch set 1 for branch TYPO3_7-6 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/53572

Actions
Copy link
 #10

Updated by Anonymous over 7 years ago

  • Status changed from Under Review to Resolved
Actions
Copy link
 #11

Updated by Benni Mack about 6 years ago

  • Status changed from Resolved to Closed
Actions
Copy link

Also available in: Atom PDF