Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
May 24, 2012, 15:57:58


Advanced search »»

JoomlaTune Support Forum    JComments component    Bug-reports    Topic: [solved] Non-escaped html code in HTML tags/attributes
Pages: [1]   Go Down
  Print  
Author Topic: [solved] Non-escaped html code in HTML tags/attributes  (Read 1428 times)
0 Members and 1 Guest are viewing this topic.
burek
Newbie
*

Karma: 0
Offline Offline

Posts: 3
« on: March 24, 2011, 05:44:41 »
Hi,

<a href="..." title="poruka "Connection timeout" prilikom transfera">

should be

<a href="..." title="poruka &quot;Connection timeout&quot; prilikom transfera">

I'm not sure where this should be changed, but I got these errors when validating my website after installing JComments.

Great work, btw Smiley

EDIT:

Code:
<div class="article-content">
...<div class="jcomments-links"><a class="readmore-link" href="/poruka-connection-timeout-prilikom-transfera.html" title="poruka "Connection timeout" prilikom transfera">Opsirnije...</a> <a href="/poruka-connection-timeout-prilikom-transfera.html#addcomments" class="comment-link">Dodaj novi komentar</a></div>
</div>
« Last Edit: February 28, 2012, 17:43:04 by smart » Logged
smart
Administrator
Hero Member
*****

Karma: 160
Offline Offline

Gender: Male
Posts: 2559



WWW
« Reply #1 on: April 19, 2011, 05:04:52 »
Yes, you're right!

Open /components/com_jcomments/tpl/default/tpl_links.php and replace:

Code: (php)
$title = $this->getVar('link-readmore-title');
with
Code: (php)
$title = htmlspecialchars($this->getVar('link-readmore-title'));
Logged
If you use JComments, please post a rating and a review at the Joomla! Extensions Directory
Pages: [1]   Go Up
  Print  
JoomlaTune Support Forum    JComments component    Bug-reports    Topic: [solved] Non-escaped html code in HTML tags/attributes
« previous next »
 
Jump to: