View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000692 | mantisbt | bugtracker | public | 2001-07-13 16:11 | 2006-04-20 06:30 |
Reporter | hacker | Assigned To | prescience | ||
Priority | normal | Severity | major | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Platform | Intel | OS | Linux | OS Version | Debian GNU/Linux |
Product Version | 0.15.1 | ||||
Summary | 0000692: Any bug report which includes HTML is rendered AS html, not as text | ||||
Description | I have a project which requires us to see the actual HTML | ||||
Steps To Reproduce | Just submit a bug report with an href constructed in the | ||||
Additional Information | Patch here: --- /src/cvs/mantisbt/core_print_API.php Thu Jul 12 21:43:12 2001 Use this to prepare a string for display to HTML
+
| ||||
Tags | No tags attached. | ||||
Is this still an issue? |
|
test a raw tag in a bugnote |
|
I don't think this could be an issue anymore. Current versions of Mantis do run htmlspecialchars() over the string before outputting, and only allow the HTML tags configured in $g_html_valid_tags to be displayed verbatim. If you want no HTML tags to be passed through, define this configuration variable to be the empty string. |
|