Page 1 of 1
Error handling for use of HTML tag characters
Posted: Wed Feb 22, 2012 6:26 pm
by mandjreid
I tried using the < and > characters in the article text, and when Adding the article those characters and all between them were dropped from the text field. They probably need to be encoded on entry and decoded on display -- or the user should get an error message saying the characters aren't allowed.
Thanks!
Posted: Wed Feb 22, 2012 6:29 pm
by mandjreid
Sorry -- I should add here that the first display of those characters is fine, but when I go to re-edit the article, it gets dropped. So it's on the edit form display and not the post or read-only display where it gets dropped.
Posted: Wed Feb 22, 2012 6:30 pm
by cognifloyd
Works for me.
I can add < and > on separate lines, on the same line, with spaces in, and without. I've even tried <div>, and the < and > show up just fine in the output - they are properly encoded/escaped.
Posted: Wed Feb 22, 2012 6:32 pm
by cognifloyd
I can verify this. < and > can be posted the first time, but everything between them is dropped on edit.