Details
Description
This hasn't been noticed because CKEditor actually does some of its own escaping, e.g. "Blah & blah" is stored in the database as "<p> Blah &amp; blah</p>", combined with XML processing just ignoring the <p>'s as XML markup, not data. So in the output it comes through escaped almost by accident as "Blah &amp; blah".
However, something like email copies are stored as plain text, so &'s generate invalid XML.
Currently the simple fix would double-escape most things. So it needs to be reworked.
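The behaviour described above, reproduced as an added example (not code from this project): it shows the simple fix double-escaping an editor-stored value, and one possible rework that normalises each field to plain text and escapes once at output. The function names, the sample values and the per-field `is_html` flag are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from html.parser import HTMLParser
from xml.sax.saxutils import escape

# Constructed sample values, modelled on the description above.
RICH_STORED = "<p>Blah &amp; blah</p>"   # rich-text field, already escaped by the editor
PLAIN_STORED = "Blah & blah"             # plain-text field, e.g. an email copy


class _TextOnly(HTMLParser):
    """Collects the text of stored HTML: tags dropped, entities decoded."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts = []

    def handle_data(self, data):
        self.parts.append(data)


def to_plain(value, is_html):
    """Normalise a stored value to unescaped text, based on how it was stored."""
    if not is_html:
        return value
    parser = _TextOnly()
    parser.feed(value)
    parser.close()
    return "".join(parser.parts)


def naive_element(name, value):
    """The 'simple fix': escape every stored value as-is (double-escapes rich text)."""
    return "<%s>%s</%s>" % (name, escape(value), name)


def element(name, value, is_html):
    """Reworked output: normalise first, then escape exactly once."""
    return "<%s>%s</%s>" % (name, escape(to_plain(value, is_html)), name)


def is_well_formed(xml_text):
    try:
        ET.fromstring(xml_text)
        return True
    except ET.ParseError:
        return False


def read_text(xml_text):
    """Text a consumer sees after parsing the element."""
    return "".join(ET.fromstring(xml_text).itertext())
```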