Buy Hosting

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

" within category-descriptions/-titles

2 Posts 2 Posters 1.1k Views

F Offline
F Offline
frissdiegurke Plugin & Theme Dev
wrote on last edited by

#1

It seems like " results in some issues if it gets used within category-description or -title because it doesn't get escaped when showing within admin-page even so it works correct on user-scope.

Just try "><a>test</a> within the description or title...
1 Reply Last reply

0
B Offline
B Offline
<baris> NodeBB
wrote on last edited by

#2

Looks like we need data.title = validator.sanitize(data.title).escape(); like we do for topic titles.
1 Reply Last reply

0

Copyright © 2024 NodeBB | Contributors