Default form input are not html encoded #153

Closed
qcoumes opened this issue Jan 15, 2019 · 1 comment
Labels
Bug Something isn't working Normal priority This task is on the roadmap.

qcoumes commented Jan 15, 2019

Default values of input tags are not escaped, which can cause invalid HTML syntax for some characters (`"` for instance).

E.g.:

```html
<input id="form_answer" type="hidden" name="form_answer" style="display: none;" value="# effacez ce commentaire
x=input()
if x in ["success",]:
   print(x)
if x=="failure":
   print("NON c'est pas ca")
if x=="error":
   print(1/0)
">
```

instead of:

```html
<input id="form_answer" type="hidden" name="form_answer" style="display: none;" value="# effacez ce commentaire
x=input()
if x in [&quot;success&quot;,]:
   print(x)
if x==&quot;failure&quot;:
   print(&quot;NON c'est pas ca&quot;)
if x==&quot;error&quot;:
   print(1/0)
">
```

qcoumes added the labels Bug (Something isn't working), Urgent (Need to be fixed as soon as possible) and Critical priority (This task is very important.) on Jan 15, 2019

qcoumes self-assigned this on Jan 15, 2019

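The behaviour reported in the issue above, reproduced as an added example (this is not code from the project). It renders the same default answer with and without attribute escaping and parses the markup back to show what value survives; the function names `render_raw`, `render_escaped` and `parsed_value` are hypothetical, and the sample value is reconstructed from the issue text.

```python
import html
from html.parser import HTMLParser

# Constructed sample: the default answer quoted in the issue.
DEFAULT_ANSWER = (
    "# effacez ce commentaire\n"
    "x=input()\n"
    'if x in ["success",]:\n'
    "   print(x)\n"
    'if x=="failure":\n'
    '   print("NON c\'est pas ca")\n'
    'if x=="error":\n'
    "   print(1/0)\n"
)

TEMPLATE = '<input id="form_answer" type="hidden" name="form_answer" value="%s">'


def render_raw(value):
    """Reported behaviour: the value is inserted into the attribute unescaped."""
    return TEMPLATE % value


def render_escaped(value):
    """Expected behaviour: &, <, > and both quote characters become entities."""
    return TEMPLATE % html.escape(value, quote=True)


class _ValueReader(HTMLParser):
    """Records the decoded value attribute of the first <input> tag."""

    def __init__(self):
        super().__init__()
        self.value = None

    def handle_starttag(self, tag, attrs):
        if tag == "input" and self.value is None:
            self.value = dict(attrs).get("value")


def parsed_value(markup):
    """Return the value attribute as an HTML parser decodes it."""
    reader = _ValueReader()
    reader.feed(markup)
    reader.close()
    return reader.value


if __name__ == "__main__":
    print(repr(parsed_value(render_raw(DEFAULT_ANSWER))))      # cut at first quote
    print(parsed_value(render_escaped(DEFAULT_ANSWER)) == DEFAULT_ANSWER)
```

Without escaping, the attribute ends at the first `"` in the value and the rest of the answer is parsed as stray attributes; with escaping, the full text round-trips unchanged.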
@plgitlogin
Collaborator

The following file solves the problem for the editor where the problem is the most frequent:
https://github.com/nimdanor/python-pl-bank/blob/master/form/text_editor.html
This file should be in the /lib/form dir ...
@qcoumes, may I point out that the syntax
`@ /form/text_editor.html`
which searches locally and then searches in /lib/form/text_editor.html is VERY HELPFUL in this case.

plgitlogin added the label Normal priority (This task is on the roadmap.) and removed the labels Critical priority (This task is very important.) and Urgent (Need to be fixed as soon as possible) on Jan 18, 2019

Pavell94000 assigned Pavell94000 and unassigned qcoumes on Mar 19, 2019