Permalink
Browse files

FIX Respect escaping rules on readonly fields in CMS history view

Avoids showing unescaped HTML on fields which didn't allow it otherwise,
e.g. TextField. This also fixes problems with SiteTree->ExtraMeta
which got evaluated within the CMS. If this section contains any
JavaScript it gets executed and can disrupt CMS operation.
  • Loading branch information...
chillu committed Feb 4, 2013
1 parent 1525684 commit 97fbfd3f128a1bfa1c27250e34bebd3e951d4051
Showing with 0 additions and 5 deletions.
  1. +0 −5 code/controllers/CMSPageHistoryController.php
@@ -113,11 +113,6 @@ public function getEditForm($id = null, $fields = null, $versionID = null, $comp
$fields = $fields->makeReadonly();
$navField->setAllowHTML(true);
- foreach($fields->dataFields() as $field) {
- $field->dontEscape = true;
- $field->reserveNL = true;
- }
-
if($compareID) {
$link = Controller::join_links(
$this->Link('show'),

0 comments on commit 97fbfd3

Please sign in to comment.