View Issue Details

IDProjectCategoryView StatusLast Update
0014760mantisbthtmlpublic2014-06-11 14:51
Reporterphyllisl Assigned Tograngeway  
PrioritynormalSeveritycrashReproducibilityalways
Status closedResolutionunable to reproduce 
Product Version1.3.0dev 
Summary0014760: Bug Report Text Input Cannot Take Special Characters
Description

When reporting an issue in Mantis 1.3, if I put special characters in Description, it crashes because it failed to convert them.

Steps To Reproduce

For example: echo '<p class="center">' .error_string(ERROR_ACCESS_DENIED).'</p>'

TagsNo tags attached.

Relationships

child of 0014088 closedvboctor Mantis 1.3.0 blocking issues 

Activities

phyllisl

phyllisl

2012-10-03 19:21

reporter   ~0033022

Last edited: 2012-10-03 19:26

Actually, I made a mistake about saying special characters. What it does is that when having line such as:

echo '<p class="123">'echo'</p>'

the the html entities are escaped, except for the last closing tag of p, where were taken as part of the xml of the page.

In other version of mantis, it was solved by automatically adding another opening tag of p before the closing tag of p according to the page source code. However I couldn't see where it happens in the php files.

In short, the html entity of "p" is not escaped like the others.

grangeway

grangeway

2014-06-01 15:05

reporter   ~0040690

phyllisl,

I'm not able to reproduce this on the current GIT code.

I'd be inclined to think that what was happening here was we were doing strict validation to xml/html5 or whatever standard ( can't recall which one).

I suspect that was then failing to render in the browser, and what we did in the code at the time was to change back the validation to an non-strict standard

if you can still produce this, please try and give me something I can use to reproduce (e.g. put the description you are using on pastebin.com so I can reproduce without the text getting edited by mantis ;))