search

verbb / vizy

A flexible visual editor for Craft CMS
Other
43 stars 8 forks source link

`renderHtml()` does not seem to be escaping special HTML characters #171

Closed rungta closed 1 year ago

rungta commented 1 year ago

Describe the bug

Characters that have special meaning in HTML (eg <, > etc.) and are present in the Vizy field's text (say, inside a paragraph) are not getting escaped as HTML entities when calling renderHtml().

Steps to reproduce

  1. Create a Vizy field.
  2. Add the following text This is a sentence with <example> characters that should be escaped in an HTML context.
  3. Render the field by calling renderHtml()

Craft CMS version

3.7.51

Plugin version

1.0.18

Multi-site?

No

Additional context

No response

engram-design commented 1 year ago

Seems to act correctly for me.

Inspecting the source code of the page shows <p>This is a sentence with &lt;example&gt; characters that should be escaped in an HTML context.</p>

rungta commented 1 year ago

Sorry, it appears to be working now at our end as well (but only after re-saving the erroneous entries). Not sure what the issue was or why re-saving it is fixing the problem. 🤷

Thanks!