View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
19853 | Bug reports | Survey editing | public | 2024-11-27 17:01 | 2024-11-29 19:40 |
Reporter | c_schmitz | Assigned To | tibor.pacalat | ||
Priority | urgent | Severity | crash | ||
Status | ready for testing | Resolution | open | ||
Product Version | 6.6.x | ||||
Summary | 19853: Data images crashing survey | ||||
Description | It is possible to embed images in LimeSurvey as embeeded html image, like: THis should not be possible. | ||||
Steps To Reproduce | Steps to reproduceDrag and pull an image into CKEditor. Expected resultIt should not work, ideally it would offer to upload the question. Actual resultThe image will be embedded as data image, not uploaded . | ||||
Tags | No tags attached. | ||||
Bug heat | 16 | ||||
Complete LimeSurvey version number (& build) | 6.x | ||||
I will donate to the project if issue is resolved | No | ||||
Browser | |||||
Database type & version | n/a | ||||
Server OS (if known) | |||||
Webserver software & version (if known) | |||||
PHP Version | n/a | ||||
This is CKEditor or it should be filtered by the html purifier? |
|
Both, I think. |
|
https://github.com/LimeSurvey/LimeSurvey/pull/4065 This part is for not allowing saving. The frontend part think is better to tackle it after implementing ckeditor 5. |
|
About CKEditor : https://stackoverflow.com/a/23101048/2239406 |
|
I managed to save it when creating a question, but what this does is filters the content, src attribute it not there. |
|
Correct. I am sorry. It allows save. It just filters out the data/image source attribute. FYI. This is already being filtered for non-superadmins.
Agree. Need to work on the CKEditor. Will include it when upgrading to v5 |
|
Date Modified | Username | Field | Change |
---|---|---|---|
2024-11-27 17:01 | c_schmitz | New Issue | |
2024-11-27 17:01 | c_schmitz | Assigned To | => gabrieljenik |
2024-11-27 17:01 | c_schmitz | Status | new => assigned |
2024-11-27 17:01 | c_schmitz | Priority | none => urgent |
2024-11-27 17:03 | c_schmitz | Relationship added | has duplicate 18940 |
2024-11-27 17:03 | c_schmitz | Bug heat | 0 => 10 |
2024-11-27 20:42 | gabrieljenik | Note Added: 81524 | |
2024-11-27 20:42 | gabrieljenik | Bug heat | 10 => 12 |
2024-11-28 15:46 | c_schmitz | Note Added: 81525 | |
2024-11-28 15:46 | c_schmitz | Bug heat | 12 => 14 |
2024-11-28 16:56 | gabrieljenik | Assigned To | gabrieljenik => DenisChenu |
2024-11-28 16:56 | gabrieljenik | Status | assigned => ready for code review |
2024-11-28 16:56 | gabrieljenik | Note Added: 81528 | |
2024-11-28 17:11 | DenisChenu | Assigned To | DenisChenu => tibor.pacalat |
2024-11-28 17:11 | DenisChenu | Status | ready for code review => ready for testing |
2024-11-28 17:14 | DenisChenu | Note Added: 81529 | |
2024-11-29 17:19 | tibor.pacalat | Note Added: 81538 | |
2024-11-29 17:19 | tibor.pacalat | Bug heat | 14 => 16 |
2024-11-29 19:40 | gabrieljenik | Note Added: 81547 |