Opened 16 years ago
Last modified 16 years ago
#1908 closed Bug
HtmlEncodeOutput unescapes incorrectly on some strings — at Version 2
| Reported by: | Aaron | Owned by: | Alfonso Martínez de Lizarrondo |
|---|---|---|---|
| Priority: | Normal | Milestone: | FCKeditor 2.6.1 |
| Component: | Server : ASP.Net | Version: | SVN (FCKeditor) - Retired |
| Keywords: | HasPatch Review+ | Cc: |
Description (last modified by )
In FCKeditor.LoadPostData() the code that handles reverting the HtmlEncodeOutput changes does not work properly for strings that contain "&lt;" or "&gt;". The current code replaces '&' before '<' and '>' which causes the strings mentioned to be converted to '<' and '>' respectively. What should happen is that the '&' replacement should happen after the '<' and '>' replacement. This allows the strings to be converted to '<' and '>' which I believe is the proper decoding.
Here is a patch that fixes this problem.
Index: FCKeditor.cs
===================================================================
--- FCKeditor.cs (revision 1585)
+++ FCKeditor.cs (working copy)
@@ -456,9 +456,9 @@
// Revert the HtmlEncodeOutput changes.
if ( this.Config["HtmlEncodeOutput"] != "false" )
{
- postedValue = postedValue.Replace( "&", "&" ) ;
postedValue = postedValue.Replace( "<", "<" ) ;
postedValue = postedValue.Replace( ">", ">" ) ;
+ postedValue = postedValue.Replace("&", "&");
}
if ( postedValue != this.Value )
Change History (3)
comment:1 Changed 16 years ago by
| Keywords: | HasPatch added |
|---|
Changed 16 years ago by
| Attachment: | 1908.patch added |
|---|
comment:2 Changed 16 years ago by
| Description: | modified (diff) |
|---|---|
| Keywords: | Review? added |
| Owner: | set to Alfonso Martínez de Lizarrondo |
| Status: | new → assigned |
I've attached the proposed patch for review. I'm not sure about the current released version of FCKeditor.net, so I haven't changed the what's new file
Patch as a file