When building the views blocks the title is built with the t() function and the @ replacement method is used which already escapes the title. If you use quotes in your view name this results in doubly escaped quotes in the block admin screen.

CommentFileSizeAuthor
views-escape-block-titles.patch902 bytesjax

Comments

jax’s picture

jax commented
Title: Block admin titles (info key) is escaped twice » Block admin titles (info key) are escaped twice because of the use of @ instead of ! in t()

Fixed title.

damiankloip’s picture

damiankloip commented
Status: Needs review » Reviewed & tested by the community

Tested, and works for me. I guess the title is being escaped by the block module too?

dawehner’s picture

dawehner
Primary language German
commented

The problem here is that this changes strings, i'm not sure how to handle that.

damiankloip’s picture

damiankloip commented

@dawehner: So this shouldn't be RTBC now?

dawehner’s picture

dawehner
Primary language German
commented
Status: Reviewed & tested by the community » Needs work 
+++ b/plugins/views_plugin_display_block.incundefined
@@ -31,10 +31,10 @@ class views_plugin_display_block extends views_plugin_display {
+        $desc = t('View: !view: !display', array('!view' => $this->view->get_human_name(), '!display' => $this->display->display_title));

Is there a reason to change display_title here as well? This part doesn't seem to be escaped before ... but this seems to be the case for get_human_name as well, i'm confused.

jax’s picture

jax commented

Well, everything is escaped again by the block admin page so nothing should be escaped here.

dawehner’s picture

dawehner
Primary language German
commented
Status: Needs work » Fixed

Aaah i got it now, sorry. Thanks for your patch, so committed to 7.x-3.x

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.