html: Balancing is important #2145

Merged
merged 1 commit into from Jun 8, 2015

Projects

None yet

2 participants

@greezybacon
Member

9ae01bf turned off HTML balancing, however, quoted response removal will create unbalanced HTML. That HTML will be stored unbalanced and will require extra processing when displayed on the ticket thread.

This patch adds balancing support using libxml if enabled, which will balance HTML without corrupting the HTML like htmLawed will with balancing enabled.

@greezybacon greezybacon commented on an outdated diff Jun 8, 2015
include/class.format.php
@@ -235,7 +303,7 @@ function localizeInlineImages($text) {
function sanitize($text, $striptags=false) {
//balance and neutralize unsafe tags.
- $text = Format::safe_html($text);
+ $text = Format::safe_html($text, $striptags ? 1 : 0);
@greezybacon
greezybacon Jun 8, 2015 Member

I think the default here is sufficient. That is, always balance

@greezybacon greezybacon html: Balancing is important
9ae01bf turned off HTML balancing, however,
quoted response removal will create unbalanced HTML. That HTML will be
stored unbalanced and will require extra processing when displayed on the
ticket thread.

This patch adds balancing support using libxml if enabled, which will
balance HTML without corrupting the HTML like htmLawed will with balancing
enabled.
6c35904
@protich protich merged commit f070fe1 into osTicket:develop Jun 8, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment