Moodle
  1. Moodle
  2. MDL-32105

Glossary: Allows special characters in keywords

    Details

    • Type: Bug Bug
    • Status: Open
    • Priority: Minor Minor
    • Resolution: Unresolved
    • Affects Version/s: 2.1.2
    • Fix Version/s: STABLE backlog
    • Component/s: Glossary
    • Labels:
    • Testing Instructions:
      Hide

      1. In a glossary, edit settings and change the summary to include the phrase 'good > evil'. (Using the HTML editor, so that the > here will actually be 'ampersand gt semicolon'.)

      2. Add a new entry in the glossary:
      a. Concept 'greater than'
      b. Description 'blah'
      c. Keywords: >
      d. Set auto-link to true.

      3. Save the entry

      EXPECTED:

      Either, the resulting page should correctly show the entry, and the > in the summary should be autolinked to the entry.

      Or, after saving the user should be returned to the form with a validation error on the keyword list indicating that > is not a valid character for use in keywords. (Note, also check other problematic characters & < ", or else have a whitelist. If there is a whitelist it should probably permit all UTF-8 characters above ASCII range so as to support foreign language characters.)

      ACTUAL:

      Current result is that the heading of the saved entry is mangled; entry displays as:

      <%1-%-0%><#1-%-0#><%2-%-1%>
      blah
      
      Show
      1. In a glossary, edit settings and change the summary to include the phrase 'good > evil'. (Using the HTML editor, so that the > here will actually be 'ampersand gt semicolon'.) 2. Add a new entry in the glossary: a. Concept 'greater than' b. Description 'blah' c. Keywords: > d. Set auto-link to true. 3. Save the entry EXPECTED: Either, the resulting page should correctly show the entry, and the > in the summary should be autolinked to the entry. Or, after saving the user should be returned to the form with a validation error on the keyword list indicating that > is not a valid character for use in keywords. (Note, also check other problematic characters & < ", or else have a whitelist. If there is a whitelist it should probably permit all UTF-8 characters above ASCII range so as to support foreign language characters.) ACTUAL: Current result is that the heading of the saved entry is mangled; entry displays as: <%1-%-0%><#1-%-0#><%2-%-1%> blah
    • Workaround:
      Hide

      Don't be that idiot who types in > for a keyword and expects it to work.

      (Joke...)

      Show
      Don't be that idiot who types in > for a keyword and expects it to work. (Joke...)
    • Affected Branches:
      MOODLE_21_STABLE
    • Rank:
      38814

      Description

      When using the glossary, you can enter a special character in the keywords list, such as a greater-than sign >. If you do this with an auto-linked glossary item, it will make a right old mess of all the HTML across the course.

        Activity

        Hide
        Michael de Raadt added a comment -

        Thanks for reporting this.

        I've put that on the backlog.

        In the meantime feel free to help us work on this issue.

        Show
        Michael de Raadt added a comment - Thanks for reporting this. I've put that on the backlog. In the meantime feel free to help us work on this issue.
        Hide
        Eloy Lafuente (stronk7) added a comment -

        This issue was assigned to me automatically, however I will not be able to work on this issue in the immediate future. In order to create a truer sense of the state of this issue and to allow other developers to have chance to become involved, I am removing myself as the assignee of this issue.

        For more information, see http://docs.moodle.org/dev/Changes_to_issue_assignment

        Show
        Eloy Lafuente (stronk7) added a comment - This issue was assigned to me automatically, however I will not be able to work on this issue in the immediate future. In order to create a truer sense of the state of this issue and to allow other developers to have chance to become involved, I am removing myself as the assignee of this issue. For more information, see http://docs.moodle.org/dev/Changes_to_issue_assignment

          People

          • Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated: