fix(textfield): target ticket title need html encoding

GLPI 10.0.7 HTML encodes data in ticket's title
pluginsGLPI · Jun 19, 2023 · 1b71d65 · 1b71d65
1 parent 8aaec8a
commit 1b71d65
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 6 deletions.
diff --git a/inc/field/textfield.class.php b/inc/field/textfield.class.php
@@ -108,11 +108,7 @@ public function getValueForDesign(): string {
    }
 
    public function getValueForTargetText($domain, $richText): ?string {
-      if ($richText) {
-         return Sanitizer::encodeHtmlSpecialChars($this->value);
-      }
-
-      return $this->value;
+      return Sanitizer::encodeHtmlSpecialChars($this->value);
    }
 
    public function moveUploads() {

diff --git a/tests/3-unit/GlpiPlugin/Formcreator/Field/TextField.php b/tests/3-unit/GlpiPlugin/Formcreator/Field/TextField.php
@@ -401,7 +401,7 @@ public function providerGetValueForTargetText() {
             'question' => $this->getQuestion(),
             'value' => '"><img src=x onerror="alert(1337)" x=x>',
             'expected' => true,
-            'expectedValue' => '"><img src=x onerror="alert(1337)" x=x>',
+            'expectedValue' => '"&#62;&#60;img src=x onerror="alert(1337)" x=x&#62;',
          ],
       ];
    }