Uploaded image for project: 'Wicket'
  1. Wicket
  2. WICKET-4505

AbstractTextComponent not escaping html data by default therefore user text is not redisplayed correctly

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 1.5.5
    • 1.5.6, 6.0.0-beta2
    • wicket
    • None

    Description

      User input is not escaped in all text fields by default (and the default is not configurable).

      This leads to user entered text not being redisplayed correctly.

      • You can replicate using the project from WICKET-3330.
      • Just enter the text my½companyname and press enter
      • The field will not redisplay the text entered properly

      Attachments

        Issue Links

        is related to

        Bug - A problem which impairs or prevents the functions of the product. WICKET-3608 input button escapes escaped value

        • Major - Major loss of function.
        • Resolved

        Bug - A problem which impairs or prevents the functions of the product. WICKET-4734 Button value is double escaped

        • Major - Major loss of function.
        • Resolved

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            svenmeier Sven Meier
            jpboudreault Jean-Philippe Boudreault
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment