Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-24565

Cleaning does not prevent invalid XML unicode characters

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • 1.9.10, 2.0
    • 1.9.9, 2.0
    • Libraries
    • None
    • MOODLE_19_STABLE, MOODLE_20_STABLE
    • MOODLE_19_STABLE, MOODLE_20_STABLE

      It is possible to enter, e.g. into a forum post, Unicode control characters such as U+0001.

      Within XML output, only the control characters 9, 10, and 13 are permitted. Presumably for this reason, the RSS feed output for the forum does not work if somebody enters those characters.

      A suitable fix would be to make the Moodle clean_param function capable of stripping out these characters (any control character other than 9, 10, 13).

        1. patch.diff
          0.7 kB
          Jenny Gray

            jenny-gray Jenny Gray (Inactive)
            quen Sam Marshall
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.