Problem/Motivation

Term title doesn't require Html::escape() if it's displayed as a link (Link does it's own encoding to prevent any XSS)

Steps to reproduce

Create a new term with an apostrophe like "What's on" or with ampersand "Weekends & Vacations"
New terms are displayed with encoded &
encoded value

Proposed resolution

remove Html::escape() from https://git.drupalcode.org/project/taxonomy_manager/-/blame/2.0.x/src/Fo...

CommentFileSizeAuthor
encoded.png61 KBjannakha

Issue fork taxonomy_manager-3532776

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

jannakha created an issue. See original summary.

jannakha’s picture

jannakha commented
Issue summary: View changes
jannakha’s picture

jannakha commented
Issue summary: View changes
jannakha’s picture

jannakha commented
Issue summary: View changes

jannakha opened merge request !75

jannakha’s picture

jannakha commented
Status: Active » Needs review
vladimiraus’s picture

vladimiraus
Primary language English
Location Brisbane 🇦🇺
commented
Status: Needs review » Reviewed & tested by the community

Looks good. 👍

vladimiraus’s picture

vladimiraus
Primary language English
Location Brisbane 🇦🇺
commented
Issue summary: View changes
Status: Reviewed & tested by the community » Fixed

Thank you for your contribution.
Committed. 🍻

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.