0x2620
/
pandora
2
1
Fork 1
Code Issues 1.3k Pull Requests Releases Wiki Activity

mixing tags with urls breaks sanitizeHTML #1922

New Issue
Open
opened 2013-10-24 13:45:03 +00:00 by j · 0 comments
j commented 2013-10-24 13:45:03 +00:00
Owner
Copy Link

pasting something like:

<iframe width="425" height="350" src="https://maps.google.com/maps/ms?ie=UTF8&hl=en&msa=0&t=h&msid=205341649788129021815.0004919f43593ce205203&ll=19.053721,72.930336&spn=0.00716,0.009935&output=embed"></iframe>

will be escaped strangely. somehow turning the url into a link adds a closing and only than escapes it.

pasting something like: ``` <iframe width="425" height="350" src="https://maps.google.com/maps/ms?ie=UTF8&hl=en&msa=0&t=h&msid=205341649788129021815.0004919f43593ce205203&ll=19.053721,72.930336&spn=0.00716,0.009935&output=embed"></iframe> ``` will be escaped strangely. somehow turning the url into a link adds a closing </iframe> and only than escapes it.
j added the
frontend
 label 2013-10-24 13:45:03 +00:00
rlx was assigned by j 2013-10-24 13:45:03 +00:00
j added the
major
defect
 labels 2013-10-24 13:45:03 +00:00
rlx added this to the 13.04 milestone 2014-02-09 19:55:43 +00:00
rlx modified the milestone from 13.02 to 14.02 2014-02-09 20:01:24 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
stable
Labels
Clear labels   
backend

   
critical

   
defect

   
duplicate

   
enhancement

   
fixed

   
frontend

   
general

   
invalid

   
major

   
minor

   
normal

   
oxjs

   
pandora_client

   
python-ox

   
task

   
trivial

   
wontfix

   
worksforme
No Label
backend
critical
defect
duplicate
enhancement
fixed
frontend
general
invalid
major
minor
normal
oxjs
pandora_client
python-ox
task
trivial
wontfix
worksforme
Milestone
Clear milestone
No items
No Milestone
14.02
Assignees
Clear assignees
No Assignees
rlx
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: 0x2620/pandora#1922
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?