Opened 9 years ago

Closed 9 years ago

#6759 closed Bug (wontfix)

Protected source does not protect attributes

Reported by: Wiktor Walc Owned by:
Priority: Normal Milestone:
Component: General Version: 3.0
Keywords: Cc:

Description

With configuration setting for PHP code:

config.protectedSource.push( /<\?[\s\S]*?\?>/g );

attributes are not protected

<input name="error" type="text" value="<?=$error?>" />

Note that apart from being able to switch from wysiwyg mode and back without losing content, it should work also in the "Text Field Properties" dialog when viewing the value.

Right now the result is:

value="&lt;!--{cke_protected}%3C%3F%3D%24var%3F%3E--&gt;"

Change History (3)

comment:1 Changed 9 years ago by Wiktor Walc

Related ticket: #4475. I'm not sure if the patch included there targets this issue as well.

comment:2 Changed 9 years ago by Wiktor Walc

Milestone: CKEditor 3.5.2

Since we're already fixing issues with protected source in #4475 and #4880 it might be worth to look also at this case.

comment:3 Changed 9 years ago by Garry Yao

Milestone: CKEditor 3.5.3
Resolution: wontfix
Status: newclosed

This becomes a wontfix as stated by this comment.

Note: See TracTickets for help on using tickets.
© 2003 – 2019 CKSource – Frederico Knabben. All rights reserved. | Terms of use | Privacy policy