LimeSurvey issue tracker
Registration

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
08061Feature requests[All Projects] Survey designpublic2013-07-31 02:122014-05-03 21:20
Reporterlowprofile 
Assigned Toc_schmitz 
PrioritynormalSeverity@50@ 
StatusclosedResolutionfixed 
Product Version 
Target VersionFixed in Version2.05+ 
Summary08061: certain html stripped from question text for non admin users
DescriptionSteps
Create a user with no global rights, just rights to a single survey
create a question group
create a question..
add some text with a html link to some site
add the option to make it open in _blank

save
edit question
note
_blank option removed

Reproduced in your demo version (survey test html and testuser/test)
and Version 2.00+ Build 130708
TagsNo tags attached.
Attached Files

- Relationships
duplicate of 08972closedc_schmitz Bug reports Currently, only an administrator can save the link target in new window (_blank) 

-  Notes
User avatar (25900)
lowprofile (reporter)
2013-07-31 02:23

very similar to 07949
User avatar (25901)
lowprofile (reporter)
2013-07-31 15:28

ok, so i disabled the xssfilter and now it works, however even if the xssfilter is on you should be able to add _blank into a href?
User avatar (27143)
jonsen (reporter)
2013-11-07 16:46

Is this related to 08054 ?

It still persists in 2.00+ b130923, even though I have a testing installation in the same version that doesn't have this problem. Both have the XSS filter enabled. The testing installation was set up directly as b130923, while the other one (where the problem occurs) was upgraded since 1.92+...

It is a pain not being able to edit a page with a link using target="_blank" as a non-admin user. Can anyone shine a light on where to look for the error?
User avatar (29905)
jonsen (reporter)
2014-04-29 17:45

This is marked as solved at http://bugs.limesurvey.org/view.php?id=8972 [^]

- Issue History
Date Modified Username Field Change
2013-07-31 02:12 lowprofile New Issue
2013-07-31 02:23 lowprofile Note Added: 25900
2013-07-31 15:28 lowprofile Note Added: 25901
2013-11-07 16:46 jonsen Note Added: 27143
2014-04-29 17:45 jonsen Note Added: 29905
2014-05-03 21:20 c_schmitz Status new => closed
2014-05-03 21:20 c_schmitz Assigned To => c_schmitz
2014-05-03 21:20 c_schmitz Resolution open => fixed
2014-05-03 21:20 c_schmitz Fixed in Version => 2.05+
2014-05-03 21:20 c_schmitz Relationship added duplicate of 08972


Copyright © 2000 - 2014 MantisBT Team
Powered by Mantis Bugtracker