Closed satopian closed 9 months ago
If the file name starts with '(single quote), the HTML syntax structure will be broken when outputting. example file name. '1695547155091774.png
'
'1695547155091774.png
onmouseover="this.textContent=''1695547155091774.png';
Example of output HTML. The single quote becomes '', breaking the quoting structure.
''
Therefore, escaping HTML special characters is necessary.
The result after adding the "Cleanstr" function to escape HTML special characters. onmouseover="this.textContent=''1695547155091774.png';
onmouseover="this.textContent=''1695547155091774.png';
' is displayed as ' on the web browser.
'
Thanks for the fix
kaguy4
commented
9 months ago kaguy4
commented
9 months ago
If the file name starts with
'(single quote), the HTML syntax structure will be broken when outputting. example file name.'1695547155091774.pngonmouseover="this.textContent=''1695547155091774.png';Example of output HTML. The single quote becomes
'', breaking the quoting structure.Therefore, escaping HTML special characters is necessary.
The result after adding the "Cleanstr" function to escape HTML special characters.
onmouseover="this.textContent=''1695547155091774.png';'is displayed as'on the web browser.