Hey all,
Great module, but i found 1 minor issue. I used the ' character in a title, that's now being changed to html code. This happens because when executing drupal_set_title() there's a check_plain() inside that, and that should not be there i believe.
From ./includes/bootstrap.inc :
* @param $output
* Optional flag - normally should be left as CHECK_PLAIN. Only set to
* PASS_THROUGH if you have already removed any possibly dangerous code
* from $title using a function like check_plain() or filter_xss(). With this
* flag the string will be passed through unchanged.
And from: http://api.drupal.org/api/drupal/includes!bootstrap.inc/function/drupal_...
$stored_title = ($output == PASS_THROUGH) ? $title : check_plain($title);
So it's actually already ran through check_plain() if i'm right, here's a patch that fixes this.
Comment | File | Size | Author |
---|---|---|---|
drupal_set_title_check_plain_special_characters_fix.patch | 1.03 KB | Rob C |
Comments
Comment #1
behindthepage CreditAttribution: behindthepage commentedThanks I will look into it.
Regards
Geoff
Comment #2
DeNelo CreditAttribution: DeNelo commentedEdit: Moved
Comment #3
behindthepage CreditAttribution: behindthepage commentedHi Rob C,
I have applied this patch and it is included in 7.x-1.4 release.
Thanks
Geoff
Comment #4
Rob C CreditAttribution: Rob C commentedHey Geoff,
Nice, another one bites the dust.
Thanks!