[ZBX-4620] HTML entities are not encoded - ZABBIX SUPPORT

XML

Word

Printable

Details

Type: Incident report
Status: Closed
Priority: Major
Resolution: Won't fix
Affects Version/s: 1.9.8 (beta), 2.1.0
Fix Version/s: 2.1.0
Component/s: Frontend (F)
Labels:
- conditions
- html

Description

"&" is not escaped on output it leads to many problems. For example:

go to graph creation form, enter graph name as "graph >", click preview button, after refresh graph name converts to "graph >".
previous leads to two graphs/apps/items... with identical names. Create one with ">" in name, another with ">". In frontend these will look identical.
in item list subfilter if item has application which name contain ">" subfilter for that app can be enabled but then connot be disabled.

Solution apply sheath function CHtml::encode() to every field which is displaying inside not input element.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

SERVER_Dashboard_20130611-152044.png
90 kB
2013 Jun 11 15:23

Issue Links

duplicates

ZBX-6460 HTML entities are not encoded in action condition values

Closed

mentioned in: Page Loading...

Sub-Tasks

1.	HTML entities are not encoded in Configuration->Triggers	Closed	Unassigned
2.	HTML entities are not encoded in Configuration->Items	Closed	Unassigned
3.	HTML entities are not encoded in the front-end	Closed	Unassigned
4.	HTML entities are not encoded in Configuration->Graphs	Closed	Unassigned
5.	HTML entities are not encoded in Configuration->Applications	Closed	Unassigned
6.	HTML entities are not encoded in Configuration->Web scenarios	Closed	Unassigned
7.	HTML entities are not encoded in Configuration->Discovery rules	Closed	Unassigned
8.	HTML entities are not encoded in Configuration->Maintenance	Closed	Unassigned
9.	HTML entities are not encoded in Configuration->Host groups	Closed	Unassigned
10.	HTML entities are not encoded in Configuration->Templates	Closed	Unassigned
11.	HTML entities are not encoded in Configuration->Screens	Closed	Unassigned
12.	HTML entities are not encoded in Configuration->Slide shows	Closed	Unassigned
13.	HTML entities are not encoded in Configuration->Maps	Closed	Unassigned
14.	HTML entities are not encoded in Configuration->Discovery	Closed	Unassigned
15.	HTML entities are not encoded in Configuration->IT services	Closed	Unassigned
16.	HTML entities are not encoded in Configuration->Actions	Closed	Unassigned
17.	HTML entities are not encoded in Administration->Proxies	Closed	Unassigned
18.	HTML entities are not encoded in Administration->User groups	Closed	Unassigned
19.	HTML entities are not encoded in Administration->Users	Closed	Unassigned
20.	HTML entities are not encoded in Administration->Media types	Closed	Unassigned
21.	HTML entities are not encoded in Administration->Scripts	Closed	Unassigned
22.	HTML entities are not encoded in Administration->Audit	Closed	Unassigned
23.	html tag not displayed correctly when new trigger saved on triggers.php	Closed	Unassigned
24.	HTML entities are not encoded in Administration->Images	Closed	Unassigned
25.	HTML entities are not encoded in Administration->Icon mapping	Closed	Unassigned

Activity

People

Assignee:: Unassigned

Reporter:: Alexey Fukalov

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2012 Feb 07 13:48

Updated:: 2019 Aug 28 09:42

Resolved:: 2019 Aug 28 09:42