Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-66794

Result of escapeCSS is incorrect if the escaped character is followed by a number

    XMLWordPrintable

Details

    Description

      <style type="text/css">
h1:before {
    content: "<%= HtmlUtil.escapeCSS("'1") %>";
}
</style>
<h1>Hello World</h1>

      Expected result
      '1Hello World
      Actual result
      ɱHello World

      The problem is ' is escaped to \27. However, the next character is 1. So you end up with \271, which is different character.

      Attachments

        Issue Links

          relates

          Bug - A problem which impairs or prevents the functions of the product. LPE-16211 Result of escapeCSS is incorrect if the escaped character is followed by a number

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              melody.wu Melody Wu
              samuel.kong Samuel Kong
              Kiyoshi Lee Kiyoshi Lee
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                6 years, 50 weeks, 1 day ago

                Packages

                  Version Package
                  6.2.X EE
                  7.0.0 DXP FP1
                  7.0.2 CE GA3
                  7.0.0 DXP SP1
                  7.0.3 CE GA4
                  7.1.X
                  Master