View Issue Details

This bug affects 1 person(s).
IDProjectCategoryView StatusLast Update
15743Bug reportsSurvey editingpublic2020-06-22 16:42
Reporterp_teichmann Assigned ToDenisChenu  
Status closedResolutionfixed 
Product Version4.0.x 
Target Version4.0.xFixed in Version4.2.8 
Summary15743: Script field in Questioneditor should be locked when XSS filtering is enabled for non superadmins
DescriptionWhen XSS filtering is turned on all non superadmins should see a locked script field if they have the script field enabled.
Steps To Reproduce1. Enable xss filtering globalsettings->security
2. Create a User with permissions for surveys / not superadmin
3. login with that user and enable script field in personal settings
4. the script field should be locked
Additional InformationCreate a locked status for the script field and add description or mouseover why it is locked
TagsNo tags attached.
Bug heat2
Complete LimeSurvey version number (& build)4.0.0
I will donate to the project if issue is resolvedNo
Database type & versionnot relevant
Server OS (if known)
Webserver software & version (if known)
PHP Versionnot relevant

Users monitoring this issue

User List There are no users monitoring this issue.




2020-02-24 07:45

developer   ~56157

But : this settings must be removed ! There are no reason to hide it if you're allowed. It's not a user settings ....

Why adding it ? Give me one good reason.

Issue History

Date Modified Username Field Change
2020-01-20 14:53 p_teichmann New Issue
2020-01-20 14:53 p_teichmann Status new => assigned
2020-01-20 14:53 p_teichmann Assigned To => cdorin
2020-02-22 21:20 cdorin Assigned To cdorin =>
2020-02-22 21:20 cdorin Priority none => normal
2020-02-22 21:20 cdorin Status assigned => confirmed
2020-02-24 07:45 DenisChenu Note Added: 56157
2020-06-22 16:42 DenisChenu Assigned To => DenisChenu
2020-06-22 16:42 DenisChenu Status confirmed => resolved
2020-06-22 16:42 DenisChenu Resolution open => fixed
2020-06-22 16:42 DenisChenu Fixed in Version => 4.2.8
2020-06-22 16:42 DenisChenu Status resolved => closed