Commit 9ec3a1b4 authored by Benni Mack's avatar Benni Mack
Browse files

[BUGFIX] Do not hsc twice the title in indexed search

The path gets htmlspecialchared with linkPageATagWrap()
and before that it gets treated within getPathFromPageId()
already.

This change removes the double encoding.

Resolves: #90935
Releases: main, 11.5
Change-Id: I7fd9c1afa4462f5d59618ca5ef760356e5d2fa0d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/72934


Tested-by: core-ci's avatarcore-ci <typo3@b13.com>
Tested-by: Stefan Bürk's avatarStefan Bürk <stefan@buerk.tech>
Tested-by: Oliver Bartsch's avatarOliver Bartsch <bo@cedev.de>
Tested-by: Benni Mack's avatarBenni Mack <benni@typo3.org>
Reviewed-by: Stefan Bürk's avatarStefan Bürk <stefan@buerk.tech>
Reviewed-by: Wouter Wolters's avatarWouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Oliver Bartsch's avatarOliver Bartsch <bo@cedev.de>
Reviewed-by: Benni Mack's avatarBenni Mack <benni@typo3.org>
parent 9f968c37
...@@ -498,14 +498,14 @@ class SearchController extends ActionController ...@@ -498,14 +498,14 @@ class SearchController extends ActionController
$copiedRow = $row; $copiedRow = $row;
unset($copiedRow['static_page_arguments']); unset($copiedRow['static_page_arguments']);
$title = $this->linkPageATagWrap( $title = $this->linkPageATagWrap(
$title, htmlspecialchars($title),
$this->linkPage($row['page_id'], $copiedRow) $this->linkPage($row['page_id'], $copiedRow)
); );
} }
} else { } else {
// Else the page // Else the page
$title = $this->linkPageATagWrap( $title = $this->linkPageATagWrap(
$title, htmlspecialchars($title),
$this->linkPage($row['data_page_id'], $row) $this->linkPage($row['data_page_id'], $row)
); );
} }
...@@ -1613,7 +1613,7 @@ class SearchController extends ActionController ...@@ -1613,7 +1613,7 @@ class SearchController extends ActionController
/** /**
* Create a tag for "path" key in search result * Create a tag for "path" key in search result
* *
* @param string $linkText Link text (nodeValue) * @param string $linkText Link text (nodeValue) (should be hsc'ed already)
* @param array $linkData * @param array $linkData
* @return string HTML <A> tag wrapped title string. * @return string HTML <A> tag wrapped title string.
*/ */
...@@ -1628,7 +1628,7 @@ class SearchController extends ActionController ...@@ -1628,7 +1628,7 @@ class SearchController extends ActionController
return sprintf( return sprintf(
'<a %s>%s</a>', '<a %s>%s</a>',
GeneralUtility::implodeAttributes($attributes, true), GeneralUtility::implodeAttributes($attributes, true),
htmlspecialchars($linkText, ENT_QUOTES | ENT_HTML5) $linkText
); );
} }
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment