Ticket #8674 (closed Bug: fixed)

Opened 3 years ago

Last modified 5 months ago

"data-cke-saved-src" is inserted and corrupts the source

Reported by: usami Owned by:
Priority: Normal Milestone:
Component: Core : Parser Version: 3.0
Keywords: Cc:

Description

  1. At the Demo site, insert an image and enter the following text as the Alternative Text in Image Properties.
     >"'><img src="javascript:alert('Test')">

  2. Go to source mode and switch back to wysiwyg mode.
  3. Open Image Properties and look at the Alternative Text. It has become the following.
     >"'><img  data-cke-saved-src="javascript:alert( src="javascript:alert('Test')">


This issue is similar to this ticket (http://dev.ckeditor.com/ticket/7243), but it still occurs on CKEditor 3.6.2 and the Demo site.
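One way the corrupted Alternative Text reported above can arise, shown as an added example that is not CKEditor's code and not part of the original ticket. It assumes the source-to-wysiwyg conversion protects `src`/`href` with a regex over the raw tag text, which the ticket does not state; `protectNaive`, `protectAware`, `altOf` and the `photo.png` sample are constructed for illustration.

```javascript
// Added illustration, not CKEditor source. The regex-based design is an assumption.
const ALT_TEXT = `>"'><img src="javascript:alert('Test')">`; // alt text from the ticket

const encodeAttr = (s) => s.replace(/&/g, '&amp;').replace(/</g, '&lt;')
  .replace(/>/g, '&gt;').replace(/"/g, '&quot;');
const decodeAttr = (s) => s.replace(/&lt;/g, '<').replace(/&gt;/g, '>')
  .replace(/&quot;/g, '"').replace(/&amp;/g, '&');

// Constructed sample: the image as serialized in source mode (photo.png is a placeholder).
const SAMPLE_HTML = `<img alt="${encodeAttr(ALT_TEXT)}" src="photo.png">`;

const ELEMENT = /<(a|img)\b([^>]*)>/gi;

// Naive pass: looks for src=/href= anywhere in the tag text, so it also fires
// inside the *value* of another attribute (here: alt).
const NAIVE_ATTR = /\b(href|src)\s*=\s*(?:"[^"]*"|'[^']*'|[^ "'>]+)/gi;
function protectNaive(html) {
  return html.replace(ELEMENT, (_, tag, attrs) =>
    '<' + tag + attrs.replace(NAIVE_ATTR,
      (full) => ' data-cke-saved-' + full + ' ' + full) + '>');
}

// Boundary-aware pass: consume whole name=value tokens, then decide by name.
// Quoted values are swallowed as a unit, so text inside alt is never rewritten.
// Still assumes ">" is entity-encoded inside values; a real HTML parser avoids that.
const ATTR_TOKEN = /([^\s"'=<>\/]+)(\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'>]+))?/g;
function protectAware(html) {
  return html.replace(ELEMENT, (_, tag, attrs) =>
    '<' + tag + attrs.replace(ATTR_TOKEN, (full, name) =>
      /^(href|src)$/i.test(name) ? 'data-cke-saved-' + full + ' ' + full : full) + '>');
}

// What Image Properties would show as Alternative Text after the pass.
function altOf(html) {
  return decodeAttr(/\balt="([^"]*)"/.exec(html)[1]);
}

console.log('naive:', altOf(protectNaive(SAMPLE_HTML)));
console.log('aware:', altOf(protectAware(SAMPLE_HTML)));
```

The naive pass reproduces the string from the ticket character for character, including the doubled space after `<img`; the boundary-aware pass leaves the alt text untouched while still protecting the element's real `src`.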

Change History

comment:1 Changed 3 years ago by j.swiderski

  • Status changed from new to confirmed
  • Version set to 3.0
  • Component changed from General to Core : Parser

The above TC can be reproduced from CKEditor 3.0, but a single change (text doesn’t grow rapidly when switching modes) from

>"'><img src="javascript:alert('Test')">

to

>"'><img  data-cke-saved-src="javascript:alert( src="javascript:alert('Test')">

can be observed from CKEditor 3.4.1.

comment:2 Changed 5 months ago by Reinmar

  • Status changed from confirmed to closed
  • Resolution set to fixed

I cannot reproduce this any more.
