[mythtv-commits] Ticket #10225: Mythweb is not safe for inappropriate characters in title/subtitles of shows
MythTV
noreply at mythtv.org
Tue Dec 27 19:22:58 UTC 2011
#10225: Mythweb is not safe for inappropriate characters in title/subtitles of
shows
-------------------------------------+-------------------------------------
Reporter: henrik@… | Owner: kormoc
Type: Bug Report - | Status: new
General | Milestone: unknown
Priority: minor | Version: Trunk Head
Component: Plugin - MythWeb | Keywords: mythweb, character
Severity: medium | encoding
Ticket locked: 0 |
-------------------------------------+-------------------------------------
It the title or subtitle of a show contains especially single or double
quotes, it breaks the html/javascript structure of at least the
recorded.php and details.php of mythweb. This is true for 0.24.1 and GIT
of 23/12 2011.
The case arises because the EIT date of the Danish DR1 channel is bad or
misinterpreted so half of the description ends up in the subtitle. This is
bearable (for me) it it wasnt because it breaks mythweb. But it could
arise if the subtitle/title actually did contain quotes etc.
The symptoms is that the javascripts for 'delete' a show does not work
because of badly paired quotes in the HTML code. Note, that the page
itself looks normally!
The proposed solution (as implemented by me in my case) is to use one of
the HTML-safe functions on the title and subtitle parts wherever they are
used directly in the HTML part such as htmlentities(), htmlspecialchars(),
htmlspecialchars() etc.
--
Ticket URL: <http://code.mythtv.org/trac/ticket/10225>
MythTV <http://code.mythtv.org/trac>
MythTV Media Center
More information about the mythtv-commits
mailing list