Bug #95158
closed
HtmlSanitizer accidentally enforced again due to sys_note changes
100%
Description
Issue #67556 introduced default configuration to be able to render links (anchor tags) in sys_note representation in backend context. Side-note: Usually the backend context does not have any frontend TypoScript config in lib.parseFunc_RTE, that's why links defined in RTE were not substituted.
As a negative side-effect <f:format.html parseFuncTSPath="">{content}</f:format.html> now (again) enforces HtmlSanitizer, which is to the expected behavior.
- revert change https://review.typo3.org/c/Packages/TYPO3.CMS/+/70740 (was for v11.4.0 only)
- introduce new feature(sic!)
<f:transform.link>(orf:format.link, I don't care about the name here)- which transforms
<a href="t3://whatever">into proper<a href="https://my-site.com/url">tags - which is independent from any frontend and TypoScript context
- which can be used in backend as well
- which transforms
- substitute corresponding backend templates to apply HTML sanitization and link transformation, WITHOUT invoking
ContentObjectRenderer::parseFunc
(in backend, e.g. the apply following replacement manually)
<f:format.html parseFuncTSPath="">{content -> f:format.raw()}</f:format.html>
to
{content -> f:transform.link() -> f:sanitize.html(build: 'default')}
// it also would be possible to define a custom HtmlSanitizer builder for e.g. sys_news, or reports, or ...
Updated by Jochen Roth about 3 years ago
- Related to Bug #95169: Reports ExtensionComposerStatus missing link to EM added
Updated by Gerrit Code Review about 3 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71021
Updated by Christian Kuhn about 3 years ago
- Related to Bug #67556: System news cannot render RTE content added
Updated by Gerrit Code Review about 3 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/71021
Updated by Oliver Hader about 3 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset f9bdf42dcfaded5450fc74ca0c997ab407fc05c1.
Updated by
Updated by Anonymous about 3 years ago
This is also present in TYPO3 >= 10.4.20 and should be backported. Should I open a new Ticket for that?
Updated by Oliver Hader about 3 years ago
Tobias Gaertner wrote in #note-7:
This is also present in TYPO3 >= 10.4.20 and should be backported. Should I open a new Ticket for that?
I could not find the changes of issue #67556 in TYPO3 v10 (https://github.com/TYPO3/typo3/blob/10.4/typo3/sysext/frontend/Classes/ContentObject/ContentObjectRenderer.php#L3747-L3780).
Besides that, it is true, that RTE links cannot be rendered in TYPO3 v10 - however, I (personally) would not fix it there anymore.