Hi Experts,
there is a ootb sanitizing of Strings in smartedit for the types "ShortString" and "LongString". The sanitizing function looks like:
return !isBlank(str) ? str.split('').reverse().join('').replace(/(?:(([()])(?!\\)))/g, '$1\\').split('').reverse().join('') : str;
The result is that round parenthesis "()" are escaped with a backslash. The api-comment is "escapes any harmful scripting from a string, leaves innocuous HTML untouched".
There are 2 questions:
Which kind of scripting is meant? JS, JSP, ??
Does this mean, that you can not add content which contains parenthisis at all within the types "ShortString" and "LongString"?
Cheers,
Andreas
Bluesky
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.