Bug #8484
Revise EscapeViewHelper
Status: | Closed | Start date: | 2010-06-24 | |
---|---|---|---|---|
Priority: | Should have | Due date: | ||
Assigned To: | Bastian Waidelich | % Done: | 0% |
|
Category: | ViewHelpers | |||
Target version: | TYPO3 Flow Base Distribution - 1.0 beta 1 | |||
Has patch: | No | Affected Flow version: |
Description
The current implementation of the EscapeViewHelper is a bit odd IMO.
1. I find it weird to use one ViewHelper to escape html, entities & urls
2. If anything goes wrong, the EscapeViewHelper currently returns the unchanged input string.. That is, if you'd write <f:escape value="dangerous html" type="HTML" />
the value would not be htmlspecialchar'ed
Related issues
History
#1 Updated by Sebastian Kurfuerst about 4 years ago
- Assigned To set to Bastian Waidelich
- Target version set to 1.0 beta 1
#2 Updated by Sebastian Kurfuerst about 4 years ago
- Parent task set to #26665
- Has patch set to No
#3 Updated by Sebastian Kurfuerst about 4 years ago
- Tracker changed from Task to Bug
- Parent task deleted (
#26665)
#4 Updated by Bastian Waidelich about 4 years ago
- Status changed from New to Closed
Will be resolved with #27628