Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix transformURI() on ignoreIndexDir & ! htmlEscape #1449

Merged
merged 2 commits into from
Dec 18, 2019
Merged

Fix transformURI() on ignoreIndexDir & ! htmlEscape #1449

merged 2 commits into from
Dec 18, 2019

Conversation

andrerom
Copy link
Contributor

@andrerom andrerom commented Dec 18, 2019
edited
Loading

Fix of issue introduced in 07de126 Fix EZP-23086: Image thumbnail not shown on backend if alias contains quotes when escaping was introduced.

@andrerom
Fix transformURI() on ignoreIndexDir & ! htmlEscape
e6ff7e0 
Fix of issue introduced in 07de126 "Fix EZP-23086: Image thumbnail not shown on backend if alias contains quotes" when escaping was introduced.
@andrerom andrerom requested a review from glye December 18, 2019 10:20
@andrerom andrerom requested a review from vidarl December 18, 2019 11:17
vidarl
vidarl approved these changes Dec 18, 2019
View reviewed changes
Copy link
Member

@vidarl vidarl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Haven't actually tested this but looks good to me

glye
glye approved these changes Dec 18, 2019
View reviewed changes
Copy link
Member

@glye glye left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This method could use a lot more documentation, but looks vaguely ok.

@andrerom andrerom merged commit 5a39130 into 2017.12 Dec 18, 2019
@andrerom andrerom deleted the transformURI_non_escaping branch December 18, 2019 12:55
@pkamps pkamps mentioned this pull request Jan 3, 2020
Merged
Opencontent pushed a commit to Opencontent/ezpublish-legacy that referenced this pull request Mar 17, 2020
@lrealdi
Merge commit 'c49eef93f50c665a3d7a6b2aa6387ccd46e059f5' into temp
69230ac 
* commit 'c49eef93f50c665a3d7a6b2aa6387ccd46e059f5':
  Removed invalid constructor call
  Fixed wrong old-style constructor usage
  EZP-31040: Remote Code Execution in file uploads
  Show images after used url_prefix (ezsystems#1453)
  improve php 7 bc doc (ezsystems#1452)
  Fix notice when checking for anonymous  classes in autoload generator (ezsystems#1450)
  Do not support literal HTML in the Administration Interface (ezsystems#1408)
  Fix transformURI() on ignoreIndexDir & ! htmlEscape (ezsystems#1449)
  Make autoloads ignore anonymous classes (ezsystems#1448)
  Update php7.md
  Fixing search in media lib which used to loose context (ezsystems#1433)
  [Travis] Add testing for PHP 7.2 and 7.3 (ezsystems#1446)
  EZP-30834: remove strtotime function from the trashed-days option (ezsystems#1441)
  Fix instances of count() that would cause a warning in 7.2
  Updated dbupdate scripts so they will no longer fail when there are multiple users with the same e-mail (ezsystems#1445)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bdunogier bdunogier bdunogier approved these changes

@glye glye glye approved these changes

@vidarl vidarl vidarl approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@andrerom @bdunogier @glye @vidarl