This project is archived and is in readonly mode.

#954 ✓wontfix
Tietew

RailsSanitize.white_list_sanitizer.sanitize does not handle \ properly

Reported by Tietew | September 2nd, 2008 @ 06:26 AM

Sanitizing following html gives broken result.


<img src="backslash.png" alt="\" />

gives


<img src="backslash.png" alt="\&quot; /&gt;">

The character "" (backslash) in HTML(SGML/XML) attributes has no special meaning.

Comments and changes to this ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

<h2 style="font-size: 14px">Tickets have moved to Github</h2>

The new ticket tracker is available at <a href="https://github.com/rails/rails/issues">https://github.com/rails/rails/issues</a>

People watching this ticket

Attachments

Pages