View Issue Details

Jump to NotesJump to History
This bug affects 1 person(s).
 18
IDProjectCategoryView StatusDate SubmittedLast Update
19853Bug reportsSurvey editingpublic2024-11-27 17:012024-12-03 11:41
Reporterc_schmitz Assigned Totibor.pacalat  
PriorityurgentSeveritycrash 
Status closedResolutionfixed 
Product Version6.6.x 
Summary19853: Data images crashing survey
Description

It is possible to embed images in LimeSurvey as embeeded html image, like:
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAiIAAABeCAIAAACRqejuAAAgAElEQVR4Ae1dCVxVxfcfQARBRS0XXHDXtAy3RE19FuFPNPd9QXMtTMlcMC3EBUXLNBVTlL+piUtuBKKJC7jva2LkAkgabsSmoCxv/ti14XDm3st7jwcIDBrkJggg==" style="height: 52px; width: 300px;" />

THis should not be possible.

Steps To Reproduce

Steps to reproduce

Drag and pull an image into CKEditor.
The image will be embedded as data image, not uploaded .

Expected result

It should not work, ideally it would offer to upload the question.
Any existing directly HTML using data image should be filtered out on save.

Actual result

The image will be embedded as data image, not uploaded .
This creates huge survey sessions and makes editing and running the survey very slow.

TagsNo tags attached.
Bug heat18
Complete LimeSurvey version number (& build)6.x
I will donate to the project if issue is resolvedNo
Browser
Database type & versionn/a
Server OS (if known)
Webserver software & version (if known)
PHP Versionn/a

Relationships

Relationship GraphDependency Graph
has duplicate 18940 closedc_schmitz Out of memory if question text is too big 

Users monitoring this issue

There are no users monitoring this issue.

Activities

gabrieljenik

gabrieljenik

2024-11-27 20:42

manager   ~81524

This is CKEditor or it should be filtered by the html purifier?
c_schmitz

c_schmitz

2024-11-28 15:46

administrator   ~81525

Both, I think.
Ideally CKEditor would not allow drag'n'drop conversion and on save it also should be filtered.
gabrieljenik

gabrieljenik

2024-11-28 16:56

manager   ~81528

https://github.com/LimeSurvey/LimeSurvey/pull/4065

This part is for not allowing saving.
We have tried to use html purifier, but were not able to set it as to "allow all but images with data src".
Hence, sued a reg exp. The approach can be enhanced if needed, but as for starters and solving the current situation, think it is worth it.

The frontend part think is better to tackle it after implementing ckeditor 5.
DenisChenu

DenisChenu

2024-11-28 17:14

developer   ~81529

About CKEditor : https://stackoverflow.com/a/23101048/2239406
Seems there are only workarounds currently
tibor.pacalat

tibor.pacalat

2024-11-29 17:19

administrator   ~81538

https://github.com/LimeSurvey/LimeSurvey/pull/4065
This part is for not allowing saving.

I managed to save it when creating a question, but what this does is filters the content, src attribute it not there.
So this should kind of solve the issue short term, but there is no warning about why this works like that etc. so user can only see that no image has been shown in the survey - bad UX.
gabrieljenik

gabrieljenik

2024-11-29 19:40

manager   ~81547

I managed to save it when creating a question, but what this does is filters the content,

Correct. I am sorry. It allows save. It just filters out the data/image source attribute.

FYI. This is already being filtered for non-superadmins.
So the new behavior is just for super-admins.

So this should kind of solve the issue short term, but there is no warning about why this works like that etc. so user can only see that no image has been shown in the survey - bad UX.

Agree. Need to work on the CKEditor. Will include it when upgrading to v5
tibor.pacalat

tibor.pacalat

2024-12-02 17:43

administrator   ~81551

Ok, I have merged the PR in to prevent survey slowness.
LimeBot

LimeBot

2024-12-03 11:41

administrator   ~81556

Fixed in Release 6.8.2+241203

Issue History

Date Modified Username Field Change
2024-11-27 17:01 c_schmitz New Issue
2024-11-27 17:01 c_schmitz Assigned To => gabrieljenik
2024-11-27 17:01 c_schmitz Status new => assigned
2024-11-27 17:01 c_schmitz Priority none => urgent
2024-11-27 17:03 c_schmitz Relationship added has duplicate 18940
2024-11-27 17:03 c_schmitz Bug heat 0 => 10
2024-11-27 20:42 gabrieljenik Note Added: 81524
2024-11-27 20:42 gabrieljenik Bug heat 10 => 12
2024-11-28 15:46 c_schmitz Note Added: 81525
2024-11-28 15:46 c_schmitz Bug heat 12 => 14
2024-11-28 16:56 gabrieljenik Assigned To gabrieljenik => DenisChenu
2024-11-28 16:56 gabrieljenik Status assigned => ready for code review
2024-11-28 16:56 gabrieljenik Note Added: 81528
2024-11-28 17:11 DenisChenu Assigned To DenisChenu => tibor.pacalat
2024-11-28 17:11 DenisChenu Status ready for code review => ready for testing
2024-11-28 17:14 DenisChenu Note Added: 81529
2024-11-29 17:19 tibor.pacalat Note Added: 81538
2024-11-29 17:19 tibor.pacalat Bug heat 14 => 16
2024-11-29 19:40 gabrieljenik Note Added: 81547
2024-12-02 17:43 tibor.pacalat Note Added: 81551
2024-12-03 11:41 LimeBot Note Added: 81556
2024-12-03 11:41 LimeBot Status ready for testing => closed
2024-12-03 11:41 LimeBot Resolution open => fixed
2024-12-03 11:41 LimeBot Bug heat 16 => 18