|Anonymous | Login||2014-11-22 11:10 CET|
|Main | My View | View Issues | Change Log | Roadmap | Repositories | Vote Tallies|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|08061||Feature requests||[All Projects] Survey design||public||2013-07-31 02:12||2014-05-03 21:20|
|Target Version||Fixed in Version||2.05+|
|Summary||08061: certain html stripped from question text for non admin users|
Create a user with no global rights, just rights to a single survey
create a question group
create a question..
add some text with a html link to some site
add the option to make it open in _blank
_blank option removed
Reproduced in your demo version (survey test html and testuser/test)
and Version 2.00+ Build 130708
|Tags||No tags attached.|
|very similar to 07949|
|ok, so i disabled the xssfilter and now it works, however even if the xssfilter is on you should be able to add _blank into a href?|
Is this related to 08054 ?
It still persists in 2.00+ b130923, even though I have a testing installation in the same version that doesn't have this problem. Both have the XSS filter enabled. The testing installation was set up directly as b130923, while the other one (where the problem occurs) was upgraded since 1.92+...
It is a pain not being able to edit a page with a link using target="_blank" as a non-admin user. Can anyone shine a light on where to look for the error?
|This is marked as solved at http://bugs.limesurvey.org/view.php?id=8972 [^]|
|2013-07-31 02:12||lowprofile||New Issue|
|2013-07-31 02:23||lowprofile||Note Added: 25900|
|2013-07-31 15:28||lowprofile||Note Added: 25901|
|2013-11-07 16:46||jonsen||Note Added: 27143|
|2014-04-29 17:45||jonsen||Note Added: 29905|
|2014-05-03 21:20||c_schmitz||Status||new => closed|
|2014-05-03 21:20||c_schmitz||Assigned To||=> c_schmitz|
|2014-05-03 21:20||c_schmitz||Resolution||open => fixed|
|2014-05-03 21:20||c_schmitz||Fixed in Version||=> 2.05+|
|2014-05-03 21:20||c_schmitz||Relationship added||duplicate of 08972|
|Copyright © 2000 - 2014 MantisBT Team|