Duplicate entity encoding in meta_tags

A place to report and discuss bugs - please mention CMSimple-version, server, platform and browser version
Post Reply
cmb
Posts: 14225
Joined: Tue Jun 21, 2011 11:04 am
Location: Bingen, RLP, DE
Contact:

Duplicate entity encoding in meta_tags

Post by cmb » Thu Feb 26, 2015 12:28 am

Hello Community,

during the development of CMSimple_XH 1.6 the meta_tags field have been escaped by applying htmlspecialchars() (and later XH_hsc()) in the respective page data tabs. This has lead to a subtle bug, because double-quotes (") had already been escaped by an array_walk(). So a value of foo"bar is emitted as foo"bar in the generated (X)HTML. The result is that this value is shown as foo"bar in the page data tab.

I suggest the following patch for XH 1.6.6:

Code: Select all

Index: plugins/meta_tags/Metatags_view.php
===================================================================
--- plugins/meta_tags/Metatags_view.php	(revision 1493)
+++ plugins/meta_tags/Metatags_view.php	(working copy)
@@ -40,9 +40,6 @@
 {
     global $sn, $su, $plugin_tx, $pth, $onload, $bjs;
 
-    $func = create_function('&$data', '$data=str_replace("\"", """, $data);');
-    array_walk($page, $func);
-
     $lang = $plugin_tx['meta_tags'];
 
     $my_fields = array('title', 'description', 'keywords', 'robots');
Christoph M. Becker – Plugins for CMSimple_XH

cmb
Posts: 14225
Joined: Tue Jun 21, 2011 11:04 am
Location: Bingen, RLP, DE
Contact:

Re: Duplicate entity encoding in meta_tags

Post by cmb » Thu Mar 12, 2015 11:03 pm

Done (r1507/r1508).
Christoph M. Becker – Plugins for CMSimple_XH

Post Reply