marker title and php filter

bozdoz / wp-plugin-leaflet-map

Add leaflet maps to Wordpress with shortcodes

https://wordpress.org/plugins/leaflet-map/

GNU General Public License v2.0

140 stars 71 forks source link

marker title and php filter #220

Closed hupe13 closed 1 year ago

hupe13 commented 1 year ago

Hi Bozdoz,

someone uses german umlauts like "ü" in [marker title="Mühle" ....]. If the filter is FILTER_SANITIZE_FULL_SPECIAL_CHARS, then the result is "Mühle", if the filter is FILTER_SANITIZE_SPECIAL_CHARS the result is "Mühle". Is it a problem to change the filter to FILTER_SANITIZE_SPECIAL_CHARS?

Thank you very much.

bozdoz commented 1 year ago

Sounds like it's a fair idea. You want to submit a pr?

bozdoz commented 1 year ago

I'd have to look up the difference. We mostly want to avoid injecting javascript or html.

hupe13 commented 1 year ago

Yes. Then we have to do it like the popup content only much simpler. BTW Javascript unescape is deprecated.

bozdoz commented 1 year ago

Don't think I'm using JavaScripts unescape

hupe13 commented 1 year ago

I'm sorry, I have misunderstood something, I just see you have your own unescape: https://github.com/bozdoz/wp-plugin-leaflet-map/blob/b7fb694f6695e1b5f2b1df8ee17abd0bf40bb082/scripts/construct-leaflet-map.js#L225 Right?

bozdoz commented 1 year ago

Yep, looks right