Escape HTML entities in URL #229

witrin · 2013-02-16T20:32:17Z

Hi,

the helper method Mage_Core_Helper_Abstract::escapeUrl() doesn't prevent double encodings. So would be htmlspecialchars($data, ENT_COMPAT, 'UTF-8', false) not the better solution?

Best regards,
Artus

The text was updated successfully, but these errors were encountered:

magento-team · 2013-02-19T17:19:41Z

Hi, Artus.
Yes, similar to escapeHtml(), it should be OK to use it in escapeUrl() as well. We'd appreciate if you contribute with a unit test.

verklov · 2014-01-02T16:06:08Z

Fixed by #238 . Closing this issue.

[MPI] Bug fixes and tasks

witrin mentioned this issue Feb 21, 2013

Improve escaping HTML entities in URL #238

Closed

verklov closed this as completed Jan 2, 2014

magento-team pushed a commit that referenced this issue Dec 7, 2015

Merge pull request #229 from magento-mpi/MPI-S73-PR

f78935d

[MPI] Bug fixes and tasks

danielrenaud mentioned this issue Apr 3, 2019

229 - Query get request support magento/graphql-ce#565

Closed

4 tasks

magento-devops-reposync-svc pushed a commit that referenced this issue Apr 29, 2024

LYNX-387: Add original row total price (#229)

0c80bc4

magento-devops-reposync-svc pushed a commit that referenced this issue Jun 27, 2024

LYNX-387: Add original row total price (#229)

23b17a5

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Escape HTML entities in URL #229

Escape HTML entities in URL #229

witrin commented Feb 16, 2013

magento-team commented Feb 19, 2013

verklov commented Jan 2, 2014

Escape HTML entities in URL #229

Escape HTML entities in URL #229

Comments

witrin commented Feb 16, 2013

magento-team commented Feb 19, 2013

verklov commented Jan 2, 2014