[SECURITY] Replace parseFunc with htmlspecialchars in element "table" 69/45269/2
authorGeorg Ringer <georg.ringer@gmail.com>
Tue, 15 Dec 2015 10:34:48 +0000 (11:34 +0100)
committerOliver Hader <oliver.hader@typo3.org>
Tue, 15 Dec 2015 10:34:56 +0000 (11:34 +0100)
Instead of using the lib.parseFunc htmlspecialchars is used for
the table cell rendering.

Resolves: #25245
Releases: master, 6.2
Security-Commit: 3d64bcca9bf08bbb472d016145fc1e1befc75daf
Security-Bulletins: TYPO3-CORE-SA-2015-010, 011, 012, 013, 014, 015
Change-Id: Ifd285572be52cdceddd72fdac5da01f7c632f2d0
Reviewed-on: https://review.typo3.org/45269
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
typo3/sysext/css_styled_content/static/setup.txt
typo3/sysext/css_styled_content/static/v4.5/setup.txt
typo3/sysext/css_styled_content/static/v4.6/setup.txt
typo3/sysext/css_styled_content/static/v4.7/setup.txt
typo3/sysext/css_styled_content/static/v6.0/setup.txt
typo3/sysext/css_styled_content/static/v6.1/setup.txt

index bb5b0fc..dd0d188 100644 (file)
@@ -1406,7 +1406,7 @@ tt_content.table {
                cellspacing =
        }
        20.innerStdWrap.wrap = |
-       20.innerStdWrap.parseFunc = < lib.parseFunc
+       20.innerStdWrap.htmlSpecialChars = 1
 
        20.stdWrap {
                editIcons = tt_content: cols, bodytext, [layout], [table_bgColor|table_border|table_cellspacing|table_cellpadding]
index f94d516..3afe2f4 100644 (file)
@@ -823,7 +823,7 @@ tt_content.table {
                cellspacing =
        }
        20.innerStdWrap.wrap = |
-       20.innerStdWrap.parseFunc = < lib.parseFunc
+       20.innerStdWrap.htmlSpecialChars = 1
 
        20.stdWrap {
                editIcons = tt_content: cols, bodytext, [layout], [table_bgColor|table_border|table_cellspacing|table_cellpadding]
index 9abdbb4..e24557f 100644 (file)
@@ -827,7 +827,7 @@ tt_content.table {
                cellspacing =
        }
        20.innerStdWrap.wrap = |
-       20.innerStdWrap.parseFunc = < lib.parseFunc
+       20.innerStdWrap.htmlSpecialChars = 1
 
        20.stdWrap {
                editIcons = tt_content: cols, bodytext, [layout], [table_bgColor|table_border|table_cellspacing|table_cellpadding]
index ce18655..1a03156 100644 (file)
@@ -1217,7 +1217,7 @@ tt_content.table {
                cellspacing =
        }
        20.innerStdWrap.wrap = |
-       20.innerStdWrap.parseFunc = < lib.parseFunc
+       20.innerStdWrap.htmlSpecialChars = 1
 
        20.stdWrap {
                editIcons = tt_content: cols, bodytext, [layout], [table_bgColor|table_border|table_cellspacing|table_cellpadding]
index 163a78a..e7576b1 100644 (file)
@@ -1366,7 +1366,7 @@ tt_content.table {
                cellspacing =
        }
        20.innerStdWrap.wrap = |
-       20.innerStdWrap.parseFunc = < lib.parseFunc
+       20.innerStdWrap.htmlSpecialChars = 1
 
        20.stdWrap {
                editIcons = tt_content: cols, bodytext, [layout], [table_bgColor|table_border|table_cellspacing|table_cellpadding]
index af39bc8..227fd6a 100644 (file)
@@ -1367,7 +1367,7 @@ tt_content.table {
                cellspacing =
        }
        20.innerStdWrap.wrap = |
-       20.innerStdWrap.parseFunc = < lib.parseFunc
+       20.innerStdWrap.htmlSpecialChars = 1
 
        20.stdWrap {
                editIcons = tt_content: cols, bodytext, [layout], [table_bgColor|table_border|table_cellspacing|table_cellpadding]