Forum
unescaped < and >
If I insert <, <, >, or > into a markdown textarea, Perch outputs them as raw < and > chars, which causes validation errors (e.g. "Bad character after <. Probable cause: Unescaped <. Try escaping it as <."). Is there any way to properly escape these?
Do you have
html="true"set? Otherwise they'll be encoded automatically.Yes, the fields have
html="true"set. The fields contain fairly complex tables, so I need to be able to enter HTML in them.If you have html="true" set then Perch is behaving correctly and not escaping HTML tags. It isn't possible to have it both ways.
Hmm… my thought was that having
html="true"would allow me to do proper HTML character encoding, e.g.<. The problem is that this sequence of characters is getting converted to a literal '<' at some point before being output. That doesn't seem like correct behaviour. Ifhtml="true"is set, shouldn't the<get output exactly as entered?I just did a quick check and this isn't happening if
markdownisn’t also set totrue; with justhtml="true"set, I can enter<and it is output exactly as I entered it. So, it looks like an issue with ParseDown converting<to<, not Perch.Sorry for the multiple posts. I just checked Parsedown and it's actually handling this properly.
I think the problem is in
core/lib/PerchFieldTypes.class.php, line 496. This block is decoding HTML entities becausemarkdown="true", but that should probably only happen ifmarkdown="true"andhtml="false".htmlis false unless it's set to true. If it's not set to true,<should output as<in the source.