View Issue Details

IDProjectCategoryView StatusLast Update
0007401module Visual CMSmodule Visual CMS - subpublic2023-01-17 16:10
Reporter[email protected] 
PrioritynormalSeveritymajorReproducibilityalways
Status acknowledgedResolutionopen 
Product Version3.6.0 
Target VersionFixed in Version 
Summary0007401: Single quote character in arbitrary category name leads to javascript error
DescriptionWhen a category with a single quote character (') exists Visual CMS will fail to load and completely prevent editors from editing any content.
This character is more common in some languages like e.g. dutch or french.

This seems to be due to incorrect escaping in ddoevisualcmsadmin.tpl.
The category widget "shortcode", which is part of the core visual cms module, loads all available categories and presents these as selectable options in the widget.
The generation of these options in ddoevisualcmsadmin.tpl seems to be the problem.

Steps To Reproduce- Create or edit a category with a single quote in it's name (e.g. "Single Quote ' Test")
- Click on the Visual CMS menu entry
- Watch a javascript error occur and preventing the Visual CMS from loading
TagsNo tags attached.

Activities

[email protected]

2023-01-17 10:53

reporter  

QA

2023-01-17 16:08

administrator   ~0014981

Last edited: 2023-01-17 16:08

View 2 revisions

Steps to reproduce in Backend:
- Administer Products > Categories > create new Category: Single Quote ' Test
- Customer Info > Visual CMS
- Visual CMS isn't loading, see JS errors in Dev Console

-MF