Project

General

Profile

Bug #94810

Updated by Oliver Hader over 3 years ago

Currently it is not possible to disable the html sanitize functionality. 
 Tested with the <f:format.html>...</f:format.html> function 
 When I set lib.parseFunc.htmlSanitize = 0 and lib.parseFunc_RTE.htmlSanitize = 0 the html is still sanitized. 

 This can be testen with: 
 <pre> 
 <f:format.html><form action=""><input name="test" /></form></f:format.html> 
 </pre> 

 The issue seems to be in the class: @TYPO3\CMS\Frontend\ContentObject\ContentObjectRenderer@ TYPO3\CMS\Frontend\ContentObject\ContentObjectRenderer in the function @parseFunc@. parseFunc. 
 Line: @if if ($conf['htmlSanitize'] ?? true) {@ {

Back