Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
When a user insert a text with a link and that link have the title attribute which contains ">" the filter freaks out. For eaxmple:
<a href='http://google.com' title='Foo >'>Google</a>
The text turns out to be:
<a href="http://google.com">'>dasdasd</a>
Which looks like
'>dasdasd
That comes from _wysiwyg_filter_xss_split
which the REGEX pattern try to find where the html element breaks and thinks the ">" in the title attribute and then break the html tag.
Comments
Comment #2
geek-merlinHuh, this is an ugly consequency of the regexp-parsing of this module.
Yes, ">" is allowed.
https://stackoverflow.com/questions/94528/is-u003e-greater-than-sign-all...
IMHO it's this regexp line in wysiwyg_filter_filter_wysiwyg_process():
Comment #3
geek-merlinhttp://www.mkyong.com/regular-expressions/how-to-validate-html-tag-with-...
Comment #4
geek-merlinThis should do it. Please test.
Comment #6
geek-merlinDrupal infra bug...
Comment #8
geek-merlin