In Ansel title and caption fields, double quotes break the field
#210 opened by Aasun
Description
Using the Ansel Title and caption fields, if I type in quotes, the field breaks.
Example of title entry that works:
This is the title of the picture
Example of entry that breaks:
This is the title of "the picture".
This also happens when typing in a link to a caption field:
View <a href="https://google.com">the details</a> of this photo.
Upon save, the contents of the field are truncated at the first double quote.
Replies
- Aasun
Replied 1/5/2022 3:40 PM
Oops.. I see my HTML code was converted.. I'm not using HTML entities in the actual content that gets entered into the title and / or caption fields.
- Aasun
Replied 1/5/2022 3:55 PM
To follow-up with more clarity.. Because the HTML input fields are rendered surrounding the value with double quotes, any double quotes that are used in the value break the HTML of the field when the entry is edited again (and then saved).
- TJ Draper
Replied 1/6/2022 6:03 PM
This is due to an oversight in Ansel's row template where the values of the title/caption fields were not being html entity encoded and therefore, a quote marks were being output as literal and would prematurely end the value of the input.
I have committed a fix and will release before long.
- TJ Draper
Replied 1/6/2022 6:04 PM
(Also, sigh, yeah, I need to look into the encoding of entities in codeblocks. But also consider safety and scripting and hijacking etc.)
- Aasun
Replied 1/6/2022 6:13 PM
Great! Thanks!
- TJ Draper
Replied 1/6/2022 6:44 PM
Released for download!
- Aasun
Replied 1/6/2022 7:06 PM
Awesome! Fixed. Thanks!