Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-84154

Upgrade HTML Purifier to 4.18.0

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Fixed
    • Icon: Blocker Blocker
    • 5.0
    • 5.0
    • Libraries
    • MOODLE_500_STABLE
    • MOODLE_500_STABLE
    • MDL-84154_upgrade-HTML-Purifier-to-latest-4-18-0
    • Hide

      (Copied from MDL-80636)

      Third-party libraries

      1. Login as admin.
      2. Navigate to Site Administration > Development > Third-party libraries.
      3. Verify that the version of HTMLPurifier is 4.18.0

      Manual testing

      1. Log in as Admin.
      2. Create a Course.
      3. Enrol a Student in the Course.
      4. Create a Forum in the Course.
      5. Log in as the Student.
      6. Go to the Forum.
      7. Create a discussion.
      8. In the discussion message, add a couple of HTML links with "Open in new window" checked and a couple with "Open in new window" unchecked.
      9. Save.
      10. View the discussion and verify, viewing the source code, that any links that have the "target="xxxx"" attribute will have the "rel=noreferrer noopener" attribute added.
      11. Verify when opening a target="_blank" link that the original page is not redirected and the link is open in a new tab/window.
      12. Try the same sort of thing in other text areas and see if any don't add the attribute.

      Example:
      This:

      <a href="http://allthethings.co.nz/moodle/redirect.html" target="_blank">Test my link</a>

      Becomes:

      <a href="http://allthethings.co.nz/moodle/redirect.html" target="_blank" rel="noreferrer noopener">Test my link</a>

      Show
      (Copied from MDL-80636 ) Third-party libraries Login as admin. Navigate to Site Administration > Development > Third-party libraries . Verify that the version of HTMLPurifier is 4.18.0 Manual testing Log in as Admin. Create a Course. Enrol a Student in the Course. Create a Forum in the Course. Log in as the Student. Go to the Forum. Create a discussion. In the discussion message, add a couple of HTML links with "Open in new window" checked and a couple with "Open in new window" unchecked. Save. View the discussion and verify , viewing the source code, that any links that have the " target="xxxx" " attribute will have the " rel=noreferrer noopener " attribute added. Verify when opening a target="_blank" link that the original page is not redirected and the link is open in a new tab/window. Try the same sort of thing in other text areas and see if any don't add the attribute. Example: This: < a href = "http://allthethings.co.nz/moodle/redirect.html" target = "_blank" >Test my link</ a > Becomes: < a href = "http://allthethings.co.nz/moodle/redirect.html" target = "_blank" rel = "noreferrer noopener" >Test my link</ a >
    • Hide

      Code verified against automated checks.

      Checked MDL-84154 using repository: https://github.com/ziegenberg/moodle

      More information about this report

      Built on: Wed Mar 19 07:56:17 UTC 2025

      Show
      Code verified against automated checks. Checked MDL-84154 using repository: https://github.com/ziegenberg/moodle main (0 errors / 0 warnings) [branch: MDL-84154_upgrade-HTML-Purifier-to-latest-4-18-0 | CI Job ] More information about this report Built on: Wed Mar 19 07:56:17 UTC 2025
    • Hide

      Launching automatic jobs for branch MDL-84154_upgrade-HTML-Purifier-to-latest-4-18-0

      Built on: Wed Mar 19 06:25:15 UTC 2025

      Show
      Launching automatic jobs for branch MDL-84154 _upgrade-HTML-Purifier-to-latest-4-18-0 https://ci.moodle.org/view/Testing/job/DEV.02%20-%20Developer-requested%20PHPUnit/18658/ PHPUnit (sqlsrv) https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/63916/ Behat (NonJS - boost and classic) https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/63917/ Behat (Firefox - boost) https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/63918/ Behat (Firefox - classic) https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/63919/ App tests (stable app version) Built on: Wed Mar 19 06:25:15 UTC 2025

      HTML Purifier lib/htmlpurifier/ 4.17.0 --> 4.18.0 https://github.com/ezyang/htmlpurifier

        1. MDL-84154.png
          MDL-84154.png
          763 kB

            Daniel Ziegenberg Daniel Ziegenberg
            sarjona Sara Arjona (@sarjona)
            Meirza Meirza
            Jun Pataleta Jun Pataleta
            Ron Carl Alfon Yu Ron Carl Alfon Yu
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 5 hours
                5h

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.