Opened 11 years ago

Closed 10 years ago

#2563 closed Bug (expired)

HTML Entities in a link text: &lang=de => 〈=de

Reported by: dos@… Owned by:
Priority: Normal Milestone:
Component: General Version:
Keywords: Pending Cc:

Description

The editor does not correctly handle strings like &lang=de. This string will be converted into 〈=de during loading.

Maybe the editor converts & to simple &, resulting &lang=de, and then the editor will handle this as as an entity like ⟨=de and then converts it into an UTF8 code 〈.

I found it while i tried to save a link with url params in the text. In the href section it is handled correctly, but not in text section of an A-Tag: <a href="domain.com?param=1&amp;lang=de">domain.com?param=1&#9001=de</a>

I think the editor does not correctly check, if this is really a HTML-Entity, cause really entities have a trailing ";".

An update did not resolve this bug.

Change History (10)

comment:1 Changed 11 years ago by Artur Formella

Keywords: Confirmed added

comment:2 Changed 11 years ago by Alfonso Martínez de Lizarrondo

What are the steps to reproduce? Does this affect all browsers?

I've tried to load <p><a href="domain.com?param=1&amp;lang=de">domain.com?param=1&amp;lang=de</a></p> and switching to design and back to source again didn't change anything.

comment:3 Changed 11 years ago by Artur Formella

In FF:

1.Go to http://www.fckeditor.net/demo

2.Load source

<p><a href="domain.com?param=1&lang=de">domain.com?param=1&lang=de</a></p>

3.Switch to WYSIWYG. A-content is changed.

4.Switch back to source

<p><a href="domain.com?param=1&amp;lang=de">domain.com?param=1&lang;=de</a></p>

comment:4 Changed 11 years ago by Alfonso Martínez de Lizarrondo

But that doesn't match the original report.

<p><a href="domain.com?param=1&lang=de">domain.com?param=1&lang=de</a></p> is invalid HTML, as a human you can know that in that situation the & really means &amp; but the browsers usually try to parse it as &lang;

When invalid input is provided, the output can be anything, so this bug would be invalid in that situation.

comment:5 Changed 11 years ago by dos@…

i'm sorry... here are my steps:

  1. i typed:

<p><a href="http://domain.com/index.php?param=1&amp;lang=de">http://domain.com/index.php?param=1&amp;lang=de</a></p>

  1. save it! <<<<
  1. now its changed to:

<p><a href="http://domain.com/index.php?param=1&amp;lang=de">http://domain.com/index.php?param=1〈=de</a></p>

the code after param=1 is the &lang;

comment:6 Changed 11 years ago by Alfonso Martínez de Lizarrondo

If the problem only happens when you save the data and then reload back it can be a problem with your server scripts. If you can reproduce it just switching between design and source view without saving then it's something done inside FCKeditor.

Can you verify that the data is saved correctly, and when you edit again, in the source the correct &lang; does exist?

comment:7 Changed 11 years ago by dos@…

after saving, the content of the file is correct.

this happens when the file will be reloaded _after_ saving.

and:

When i type in the code &lang=de in sourcecode view and switch back to htmlview this will happen too.

comment:8 in reply to:  7 Changed 11 years ago by Alfonso Martínez de Lizarrondo

Replying to dos@pixelbrand.net:

after saving, the content of the file is correct.

this happens when the file will be reloaded _after_ saving.

Can you verify that the code provided to FCKeditor is the correct and hasn't been modified by your script?

I've tested to initialize it with

oFCKeditor.Value = '<p><a href="domain.com?param=1&amp;lang=de">domain.com?param=1&amp;lang=de</a></p>' ;

and it works fine

When i type in the code &lang=de in sourcecode view and switch back to htmlview this will happen too.

As I said previously, that's invalid HTML, so anything can happen in that situation.

comment:9 Changed 11 years ago by Artur Formella

Keywords: Pending added; Confirmed removed

comment:10 Changed 10 years ago by Alfonso Martínez de Lizarrondo

Resolution: expired
Status: newclosed

expired

Note: See TracTickets for help on using tickets.
© 2003 – 2019 CKSource – Frederico Knabben. All rights reserved. | Terms of use | Privacy policy