[MDL-67336] Forum inline reply option is applying filters before saving content in the DB - Moodle Tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.8
Fix Version/s: 3.7.4, 3.8.1
Component/s: Forum
Labels:
- ci
- release_notes
- triaged

Affected Branches:
MOODLE_38_STABLE
Fixed Branches:
MOODLE_37_STABLE, MOODLE_38_STABLE
Pull from Repository:
https://github.com/roland04/moodle
Pull Master Branch:
~~MDL-67336~~-master
Pull Master Diff URL:
https://github.com/roland04/moodle/compare/MDL-67336-master~...MDL-67336-master
Testing Instructions:
Hide

As admin go to "Site administration > Plugins > Manage filters"

Set "Convert URLs into links and images" to "On"
Set "Multimedia plugins" to "On"

Move "Convert URLs into links and images" above "Multimedia plugins"

Change "Convert URLs into links and images" filter settings adding marking "HTML format" and "Moodle auto-format" in "Apply to formats" options.

Go to a forum post

Click on "Reply"

Add 'Youtube video: https://www.youtube.com/watch?v=3ORsUGVNxGs' content to the reply field

Check youtube video is showing in the new post

Check content stored in the DB is: '<div class="text_to_html">Youtube video: https://www.youtube.com/watch?v=3ORsUGVNxGs</div>'
Show
As admin go to "Site administration > Plugins > Manage filters" Set "Convert URLs into links and images" to "On" Set "Multimedia plugins" to "On" Move "Convert URLs into links and images" above "Multimedia plugins" Change "Convert URLs into links and images" filter settings adding marking "HTML format" and "Moodle auto-format" in "Apply to formats" options. Go to a forum post Click on "Reply" Add 'Youtube video: https://www.youtube.com/watch?v=3ORsUGVNxGs ' content to the reply field Check youtube video is showing in the new post Check content stored in the DB is: '<div class="text_to_html">Youtube video: https://www.youtube.com/watch?v=3ORsUGVNxGs </div>'

Description

Forum inline reply is not saving content in the DB as it is in the editor, is applying filters before saving it in the DB.

So, for example, if 'Display H5P' filter is enabled in the site and somebody adds H5P content (URL) in an inline reply, the filter is applied and an <iframe src='...'></iframe> is saved in the DB. When the reply is display, an if trustedcontent is not activated, that 'iframe' tag is removed, so H5P content is not rendered.

Steps to reproduce:

Go to a forum post
Click on 'Reply' option
Add 'H5P: https://h5p.org/h5p/embed/576651' content in inline reply field.
Check content stored in the DB is:

<div class="text_to_html">H5P: <iframe src="https://h5p.org/h5p/embed/576651" class="h5p-iframe" name="h5pcontent" style="height:230px; width: 100%; border: 0;" allowfullscreen="allowfullscreen"></iframe><script src="http://localhost/moodle/master/lib/h5p/js/h5p-resizer.js"></script></div>

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

MDL-67336.jpg
33 kB
08/Jan/20 9:07 AM

Issue Links

Testing discovered

MDL-67549 'HTML format' option mark by default in 'Apply to formats' setting for 'Convert URLs into links and images' filter

Open

mentioned on

Commit - Merge branch 'MDL-67336-38' of https://github.com/roland04/moodle into MOODLE_38_STABLE

Activity

People

Assignee:: Mikel Martín Corrales

Reporter:: Amaia Anabitarte

Peer reviewer:: Amaia Anabitarte

Integrator:: Jake Dallimore

Tester:: Anna Carissa Sadia

Participants:: Amaia Anabitarte, Anna Carissa Sadia, CiBoT, Gitlab MoodleCloud, Jake Dallimore, Mikel Martín Corrales

Component watchers:: Adrian Greeve, Ilya Tregubov, Kevin Percy, Mathew May, Mihail Geshoski, Shamim Rezaie

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 22/Nov/19 8:53 PM

Updated:: 14/Jan/20 10:41 AM

Resolved:: 09/Jan/20 11:31 PM

Fix Release Date:: 13/Jan/20

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

1d 1h 21m