Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

FIX Respect escaping rules on readonly fields in CMS history view

Avoids showing unescaped HTML on fields which didn't allow it otherwise,
e.g. TextField. This also fixes problems with SiteTree->ExtraMeta
which got evaluated within the CMS. If this section contains any
JavaScript it gets executed and can disrupt CMS operation.
  • Loading branch information...
commit 97fbfd3f128a1bfa1c27250e34bebd3e951d4051 1 parent 1525684
@chillu chillu authored
Showing with 0 additions and 5 deletions.
  1. +0 −5 code/controllers/CMSPageHistoryController.php
View
5 code/controllers/CMSPageHistoryController.php
@@ -113,11 +113,6 @@ public function getEditForm($id = null, $fields = null, $versionID = null, $comp
$fields = $fields->makeReadonly();
$navField->setAllowHTML(true);
- foreach($fields->dataFields() as $field) {
- $field->dontEscape = true;
- $field->reserveNL = true;
- }
-
if($compareID) {
$link = Controller::join_links(
$this->Link('show'),
Please sign in to comment.
Something went wrong with that request. Please try again.