Actions
Bug #95517
closed
spamProtectEmailAddresses - JavaScript atSubst and lastDotSubst replacements
Start date:
2021-10-07
Due date:
% Done:
0%
Estimated time:
TYPO3 Version:
10
PHP Version:
7.3
Tags:
Complexity:
Is Regression:
Sprint Focus:
Description
TESTED: (Working in 10.4.18 / breaks in 10.4.19)
config {
# ascii / -5 to 1
spamProtectEmailAddresses = -4
# (at)
spamProtectEmailAddresses_atSubst = <script type="text/javascript" language="JavaScript">document.write('@');</script><noscript>@</noscript>
# (dot)
spamProtectEmailAddresses_lastDotSubst = <script type="text/javascript" language="JavaScript">document.write('.');</script><noscript>.</noscript>
}
output/sourcecode (yes, all the whitespaces are also rendered)
<p>
<a href="javascript:linkTo_UnCryptMailto(%27ocknvq%2CkphqBrtczku%5C%2Fmkghgt0fg%27);">E: mail<script type="text/javascript" language="JavaScript">document.write('@');</script></a>
</p>
<noscript>@</noscript>mail<script type="text/javascript" language="JavaScript">document.write('.');</script><noscript>.</noscript>com
output rendered:
MAIL<SCRIPT TYPE="TEXT/JAVASCRIPT" LANGUAGE="JAVASCRIPT">DOCUMENT.WRITE('@');</SCRIPT>
<noscript>@</noscript>mail<script type="text/javascript" language="JavaScript">document.write('.');</script><noscript>.</noscript>com
<hr/>
Expected behavior
output/sourcecode before update: (This one was working perfect!)
<a href="javascript:linkTo_UnCryptMailto(%27ocknvq%2CkphqBrtczku%5C%2Fmkghgt0fg%27);">E: mail<script type="text/javascript" language="JavaScript">document.write('@');</script>@<noscript>@</noscript>mail<script type="text/javascript" language="JavaScript">document.write('.');</script>.<noscript>.</noscript>com</a>
output rendered:
E: MAIL@Mail.com
Updated by 
Updated by
Actions