Bug #88514
closed
Inline image record title is doubly escaped
100%
Description
Running TYPO3 9.5.7.
Steps to reproduce:- On a TYPO3 page, add a new "Images Only" content element.
- In the "Images" tab, add a new image and give it the title "<".
- Save.
Expected behavior:
The inline record in the "Images" tab shows "<" after "Title" in the inline record's header.
Actual behavior:
After "Title", "<" is displayed. Screenshot attached.
InlineRecordContainer::renderForeignRecordHeader is passed HTML in $data['recordTitle'], which it then escapes again.
TYPO3 6.2 is affected as well, so probably all versions in between are too.
Files
Updated by Riccardo De Contardi over 4 years ago
Still present on 10.2.0-dev Afaics
Updated by Gerrit Code Review about 4 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63814
Updated by Gerrit Code Review about 4 years ago
Patch set 1 for branch 9.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63784
Updated by Susanne Moog about 4 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 1beef8d9776ec97079e8321c3703d4b75ea6730a.
Updated by 