Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
The signup form used both at /mailchimp/subscribe and in the signup blocks incorrectly escapes quotations.
For example, a list called "foo'bar" would present the text "Sign up for foo'bar".
This happens because the text is escaped using check_plain(), which in turn calls htmlspecialchars($text, ENT_QUOTES, 'UTF-8').
Doing this here requires decoding the quotation marks again afterwards.
Comment | File | Size | Author |
---|---|---|---|
#1 | mailchimp-1659554-1-quotations-in-list-names.patch | 885 bytes | mvc |
Comments
Comment #1
mvcComment #2
antipex CreditAttribution: antipex commentedRolled into e5f843a.
Comment #3.0
(not verified) CreditAttribution: commentedfixed entity escaping