Bug #94810
Updated by Oliver Hader over 2 years ago
Currently it is not possible to disable the html sanitize functionality. Tested with the <f:format.html>...</f:format.html> function When I set lib.parseFunc.htmlSanitize = 0 and lib.parseFunc_RTE.htmlSanitize = 0 the html is still sanitized. This can be testen with: <pre> <f:format.html><form action=""><input name="test" /></form></f:format.html> </pre> The issue seems to be in the class: TYPO3\CMS\Frontend\ContentObject\ContentObjectRenderer in the function parseFunc. Line: if ($conf['htmlSanitize'] ?? true) {