elgg-gitbot
commented
11 years ago trac user mrclay wrote on 2009-12-08
The entities show up already escaped in the metastrings table, so the escaping is done before storage.
Closed elgg-gitbot closed 11 years ago
elgg-gitbot
commented
11 years ago trac user mrclay wrote on 2009-12-08
The entities show up already escaped in the metastrings table, so the escaping is done before storage.
elgg-gitbot
commented
11 years ago brettp wrote on 2010-02-01
Rel (Trac Ticket 561)
Original ticket http://trac.elgg.org/ticket/1405 on 2009-12-08 by trac user mrclay, assigned to unknown.
Elgg version: 1.6
For all single-line profile entries (Brief description, Location, Interests, Skills (if not more)), Elgg escapes & < and > twice on output, resulting in the user seeing HTML entities on the profile view and edit pages.
To duplicate, save "& < >" in one of the fields. It will display as "& < &rt;" in later requests. Thankfully the ampersands in the entities are not re-escaped when you re-save the value.