diff --git a/extension/ezoe/ezxmltext/handlers/input/ezoeinputparser.php b/extension/ezoe/ezxmltext/handlers/input/ezoeinputparser.php
index 95b6fa0d6fb..d7957977021 100644
--- a/extension/ezoe/ezxmltext/handlers/input/ezoeinputparser.php
+++ b/extension/ezoe/ezxmltext/handlers/input/ezoeinputparser.php
@@ -262,7 +262,7 @@ function setAttributes( $element, $attributes )
 if ( isset( $this->Namespaces[$prefix] ) )
 {
 $URI = $this->Namespaces[$prefix];
- $element->setAttributeNS( $URI, $qualifiedName, $value );
+ $element->setAttributeNS( $URI, $qualifiedName, htmlspecialchars_decode( $value ) );
 }
 else
 {
@@ -271,7 +271,7 @@ function setAttributes( $element, $attributes )
 }
 else
 {
- $element->setAttribute( $qualifiedName, $value );
+ $element->setAttribute( $qualifiedName, htmlspecialchars_decode( $value ) );
 }
 }
 }
diff --git a/extension/ezoe/ezxmltext/handlers/input/ezoexmlinput.php b/extension/ezoe/ezxmltext/handlers/input/ezoexmlinput.php
index d14883f5685..ede5119d8b8 100644
--- a/extension/ezoe/ezxmltext/handlers/input/ezoexmlinput.php
+++ b/extension/ezoe/ezxmltext/handlers/input/ezoexmlinput.php
@@ -1744,12 +1744,12 @@ public static function getCustomAttrPart( $tag, &$styleString )
 if ( $customAttributePart === '' )
 {
 $customAttributePart = ' customattributes="';
- $customAttributePart .= $attribute->name . '|' . $attribute->value;
+ $customAttributePart .= $attribute->name . '|' . htmlspecialchars( $attribute->value );
 }
 else
 {
 $customAttributePart .= 'attribute_separation' . $attribute->name . '|' .
- $attribute->value;
+ htmlspecialchars( $attribute->value );
 }
 if ( isset( self::$customAttributeStyleMap[$attribute->name] ) )
 {
diff --git a/extension/ezoe/tests/ezoexmltext_regression.php b/extension/ezoe/tests/ezoexmltext_regression.php
index 54538fa5d93..ed9ea84b452 100644
--- a/extension/ezoe/tests/ezoexmltext_regression.php
+++ b/extension/ezoe/tests/ezoexmltext_regression.php
@@ -34,16 +34,37 @@ public function providerParsingGreaterThanAttribute()
 array( '
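Review bot: htmlspecialchars_decode() on the added setAttribute()/setAttributeNS() lines only reverses the entities htmlspecialchars() produces (`&amp;`, `&lt;`, `&gt;`, `&quot;`, and `&#039;` only under ENT_QUOTES), so an attribute value carrying a numeric or other named entity such as `&#34;` or `&nbsp;` stays encoded and is escaped a second time when the DOM is serialised — the double-escaping this commit fixes persists for those values, in both hunks of this file and in the two identical hunks of kernel/classes/datatypes/ezxmltext/ezxmlinputparser.php. If the intent is symmetry with the htmlspecialchars() call added in getCustomAttrPart(), passing explicit flags on both sides, `htmlspecialchars_decode( $value, ENT_QUOTES )`, keeps single quotes round-tripping on PHP versions whose default is ENT_COMPAT; if every entity should round-trip, html_entity_decode() is the counterpart. Decoding at this point is sound only because DOM re-escapes attribute text on output; any caller that later reads these attributes with getAttribute() and prints them raw now receives decoded text and must escape for its own context, which deserves a comment above the call such as `// value is stored decoded; DOM escapes on serialisation`. setAttributes() starts before the first hunk and its elseif branch lies between the two hunks.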
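Review bot: htmlspecialchars( $attribute->value ) on the two added lines relies on the default flags, which before PHP 8.1 do not include ENT_SUBSTITUTE, so a value containing an invalid UTF-8 sequence makes htmlspecialchars() return an empty string and the custom attribute is silently written as `name|` with its value dropped; `htmlspecialchars( $attribute->value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' )` keeps the value and makes the flag set explicit for the decode side in the input parsers to mirror. The change also leaves `|` and the literal `attribute_separation` token unescaped inside a value, so a value containing either still splits incorrectly when the string is parsed back — pre-existing, but worth a comment on the `customattributes` format where it is first assembled. `$attribute->name` is concatenated unescaped; presumably these are DOMAttr nodes whose names are already valid XML names, which would make that safe, but a short comment stating that assumption would help. getCustomAttrPart() continues outside the hunk.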

This is a fact

', ' -
This is a fact
', +
This is a fact
', ), array( '

This is a fact

Text between

This is a fact

', ' -
This is a factText betweenThis is a fact
', +
This is a factText betweenThis is a fact
', ), ); } + /** + * Test for proper escaping for custom tag attribute values + */ + public function testEscapeAttributeValue() + { + $xmlData = ''; + $xmlData .= '
'; + $xmlData .= ""; + $xmlData .= ''; + $xmlData .= ""; + $xmlData .= "
"; + + $folder = new ezpObject( 'folder', 2 ); + $folder->name = 'Escape Attribute Value'; + $folder->short_description = ''; + + $oeHandler = new eZOEXMLInput( $xmlData, false, $folder->short_description ); + $xhtml = $oeHandler->attribute( 'input_xml' ); + self::assertEquals( '<div class="ezoeItemCustomTag factbox" type="custom" customattributes="title|&quot;fipsfuchs&quot;attribute_separationalign|&amp;quot;fipsfuchs&amp;quot;"><p>factbox</p></div><p><br /></p>', $xhtml ); + } + /** * Test for issue #16605: Online Editor adds a lot of Non Breaking spaces (nbsp) * diff --git a/kernel/classes/datatypes/ezxmltext/ezxmlinputparser.php b/kernel/classes/datatypes/ezxmltext/ezxmlinputparser.php index dec0a2ae1ce..9044a524f0c 100644 --- a/kernel/classes/datatypes/ezxmltext/ezxmlinputparser.php +++ b/kernel/classes/datatypes/ezxmltext/ezxmlinputparser.php @@ -708,7 +708,7 @@ function setAttributes( $element, $attributes ) if ( isset( $this->Namespaces[$prefix] ) ) { $URI = $this->Namespaces[$prefix]; - $element->setAttributeNS( $URI, $qualifiedName, $value ); + $element->setAttributeNS( $URI, $qualifiedName, htmlspecialchars_decode( $value ) ); } else { @@ -717,7 +717,7 @@ function setAttributes( $element, $attributes ) } else { - $element->setAttribute( $qualifiedName, $value ); + $element->setAttribute( $qualifiedName, htmlspecialchars_decode( $value ) ); } } }
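Review bot: testEscapeAttributeValue() drives only eZOEXMLInput, so the identical htmlspecialchars_decode() change in kernel/classes/datatypes/ezxmltext/ezxmlinputparser.php has no coverage in this commit; a second case that feeds the same fixture through the kernel input parser, or a shared data provider used by both, would pin that path as well. The expected string also encodes the assumption that an already-escaped `&amp;quot;` in the input survives as `&amp;quot;` while `&quot;` becomes `&quot;` — a one-line comment on the assertion saying the round-trip is single-level would save the next reader reconstructing that from the fixture. The hunk's leading context (the `array( '` provider rows) starts at the top of this page.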