Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-65742

Upgrade HTML Purifier to 4.10.0

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.8
    • Fix Version/s: 3.8
    • Component/s: Libraries
    • Labels:
    • Testing Instructions:
      Hide

      +Test 1

      1. Log in as Admin.
      2. Create a Course.
      3. Enrol a Student in the Course.
      4. Create a Forum in the Course.
      5. Log in the Student.
      6. Go to the Forum.
      7. Create a discussion.
      8. In the discussion message, add HTML links with and without the target attribute.
        • Note: You will need to only use the value _blank for target as other values are filtered out.
      9. Save.
      10. View the discussion and verify, viewing source code, that any links that have the target attribute will have rel=noreferrer noopener attribute added. Make sure the when opening a target="_blank" link that the original page is not redirected and the link is open in a new tab/window.
      11. Try the same sort of thing in other text areas and see if any don't add the attribute.

      Example:

      This:
      <a href="http://allthethings.co.nz/moodle/redirect.html" target="_blank">Test my link</a>
       
      Becomes:
      <a href="http://allthethings.co.nz/moodle/redirect.html" target="_blank" rel="noreferrer noopener">Test my link</a>

       

      Test 2

      Run all unit tests and check that failures don't relate to this issue.+

      Show
      + Test 1 Log in as Admin. Create a Course. Enrol a Student in the Course. Create a Forum in the Course. Log in the Student. Go to the Forum. Create a discussion. In the discussion message, add HTML links with and without the target attribute. Note: You will need to only use the value _blank for target as other values are filtered out. Save. View the discussion and verify, viewing source code, that any links that have the target attribute will have rel=noreferrer noopener attribute added. Make sure the when opening a target="_blank" link that the original page is not redirected and the link is open in a new tab/window. Try the same sort of thing in other text areas and see if any don't add the attribute. Example: This: <a href="http://allthethings.co.nz/moodle/redirect.html" target="_blank">Test my link</a>   Becomes: <a href="http://allthethings.co.nz/moodle/redirect.html" target="_blank" rel="noreferrer noopener">Test my link</a>   Test 2 Run all unit tests and check that failures don't relate to this issue.+
    • Affected Branches:
      MOODLE_38_STABLE
    • Fixed Branches:
      MOODLE_38_STABLE
    • Epic Link:
    • Pull Master Branch:
      MDL-65742-master

      Description

      HTML Purifier /lib/htmlpurifier/ 4.09.3 4.10.0 Yes http://htmlpurifier.org/

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Geshoski Mihail Geshoski
              Reporter:
              dobedobedoh Andrew Nicols
              Integrator:
              Eloy Lafuente (stronk7)
              Tester:
              CiBoT
              Participants:
              Component watchers:
              Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Ilya Tregubov, Sara Arjona (@sarjona)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                18/Nov/19

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 hour, 45 minutes
                  1h 45m