Logout Module emitting invalid html. Update default_logout.php (enclose params JRoute parameter in htmlentities) #17367
Conversation
Enclose JRoute param in htmlentities to emit valid html. The getInstance part is right, but params remains unprotected, can emit invalid html!
|
can you please give Test Instuctions? |
|
To reproduce the problem please do the following: Create some contacts with associated tags As you can see the emitted html is invalid: the query part has in fact illegal characters in it, '[' and ']'; we should let that chars encoded! This problem is related to issue "Bug in AbstractUri::buildQuery - invalid HTML emitted ('[' and ']' not encoded in tagged elements list) #21" (joomla-framework/uri#21). I think the preferred way to solve both problems is solving the above mentioned problem in AbstractUri:buildQuery. Similar problem in PR #17368 |
|
I detected the problem here (in login form) but it does not originate here and in no way this is a fix. The problem remains (tagged emelents menu item emits invalid html). |
|
I close this PR and related #17368 |
Enclose JRoute param in htmlentities to emit valid html.
The getInstance part is right, but params remains unprotected, can emit invalid html!
Pull Request for Issue # .
Summary of Changes
Testing Instructions
Create some contacts with associated tags
Create a menu item of type tagged-elements of contacts type
Publish a login/logout module on that page.
Expected result
valid html
Actual result
Invalid html. The logout form url contains invalid '[' and ']' chars; th eurl will be similar to (when sef url disabled): /index.php?option=com_tags&view=tag&id[0]=2&types[0]=2&Itemid=nnn
This problem is related to issue "Bug in AbstractUri::buildQuery - invalid HTML emitted ('[' and ']' not encoded in tagged elements list) #21" (joomla-framework/uri#21).
I think the preferred way to solve both problems is solving the above mentioned problem in AbstractUri:buildQuery
Similar problem in PR #17368
Documentation Changes Required