Details
-
Bug
-
Status: Closed
-
Resolution: Fixed
-
7.3.X, 7.4.X, Master
-
7.3.x
-
Committed
-
3
Description
When saving a text field for a Web Content, line of HTML may be scrubbed if they fall between a "&" and a ";" character. Rather than only finding strings such as "&1234;", the unescapeHTML method will also escape a string like "foo & bar; or fizzbuzz". This is because the regular expression used is too general and will also accept whitespace characters.
This issue is not reproducible with the following steps in master, because the data engine processes DDMFieldValues differently. However the code in html_util.js is the same, so a fix should be sent to master as well, since it could be possible to reproduce this issue from another angle.
Steps to reproduce
- On the web content page, click the "Structures" tab.
- Click the "plus" button to create a new structure.
- Place a Text Box field, give the structure a name, and save.
- Create a new Web Content based on the newly created structure.
- Paste the following content into the Text Box and save:
<a href="https://www.liferay.com?param1=1¶m2=2">Visit Liferay</a> <a href="https://www.google.com"> <img src="https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png" alt="Google" style="padding-top: 2px;" /> </a>
6. Edit the content created in the previous step.
Results of Testing
Expected Result: Code in the text box should be unchanged.
Actual Result: Code after saving is changed.
Master
Code is the same, so it's possible for reproduction: 337ec3a08889ac565e56de221033ea4aaa9298dc
7.3.x reproduced: 337ec3a08889ac565e56de221033ea4aaa9298dc