Page Menu
Home
In-Portal Phabricator
Search
Configure Global Search
Log In
Files
F1046451
D99.id234.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Sat, Jun 28, 7:16 PM
Size
760 B
Mime Type
text/x-diff
Expires
Sun, Jun 29, 7:16 PM (5 h, 48 m)
Engine
blob
Format
Raw Data
Handle
676503
Attached To
D99: INP-1450 - Escape page urls in internal page dropdown of CKEditor
D99.id234.diff
View Options
Index: core/units/fck/fck_eh.php
===================================================================
--- core/units/fck/fck_eh.php
+++ core/units/fck/fck_eh.php
@@ -96,7 +96,7 @@
$title = $title . ' (' . $page_path . ')';
$real_url = $this->Application->HREF($template, '_FRONT_END_', array('pass' => 'm'), 'index.php');
- $res .= '<CmsPage real_url="' . $real_url . '" path="@@' . $id . '@@" title="' . kUtil::escape($title, kUtil::ESCAPE_HTML) . '" st_id="' . $id . '" serverpath="" />' . "\n";
+ $res .= '<CmsPage real_url="' . kUtil::escape($real_url, kUtil::ESCAPE_HTML) . '" path="@@' . $id . '@@" title="' . kUtil::escape($title, kUtil::ESCAPE_HTML) . '" st_id="' . $id . '" serverpath="" />' . "\n";
}
$res.= "</CmsPages>";
Event Timeline
Log In to Comment