[BUGFIX] Sanitize calling htmlspecialchars(...) in TextareaViewHelper

htmlspecialchars(...) expects that first argument is a string, otherwise triggering E_DEPRECATED. This patch adds a string cast to ensure value is passed as string to htmlspecialchars(...) in TextareaViewHelper. Resolves: #95831 Releases: master Change-Id: I5fe32233bed62ab8aaa8405ed8913232d5f82ab5 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/72013 Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de> Reviewed-by: Nikita Hovratov <nikita.h@live.de> Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de> Tested-by: core-ci <typo3@b13.com> Tested-by: Nikita Hovratov <nikita.h@live.de> Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
TYPO3 · Nov 2, 2021 · 854669b · 854669b
1 parent 55c5f66
commit 854669b
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/typo3/sysext/fluid/Classes/ViewHelpers/Form/TextareaViewHelper.php b/typo3/sysext/fluid/Classes/ViewHelpers/Form/TextareaViewHelper.php
@@ -72,7 +72,7 @@ public function render()
         if ($required === true) {
             $this->tag->addAttribute('required', 'required');
         }
-        $this->tag->setContent(htmlspecialchars($this->getValueAttribute()));
+        $this->tag->setContent(htmlspecialchars((string)$this->getValueAttribute()));
         $this->addAdditionalIdentityPropertiesIfNeeded();
         $this->setErrorClassAttribute();