Support » Plugin: WPtouch » WPtouch v4.3.20 hasn’t fixed the bug

  • I post the topic one month ago:
    https://wordpress.org/support/topic/script-tag-is-not-allowed-when-i-customize-the-footer/

    The bug still exists after updating wptouch to version 4.3.20.

    Version 4.3.20 (October 5, 2017) Fixed: Prevent stripping of form input elements from the additional footer html content entered in the customizer.

    What I concern is <script> elements, not only form input elements.

    If you enter “<script> function foo() {} </script>” in the “Custom footer content” text box, you will see “function foo() {}” on the page.

    Please fixed it.

    Thank you.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor Zach Wills

    (@oxymoron)

    Hey angryben,

    We’ve just pushed out a hotfix that should resovle the issue you’ve reported. Let me know if you continue to have any issues.

    Thank you for taking the time to report this bug and to help make WPtouch better!

    Regards,

    Zach

    @oxymoron

    Thank you for fixing it so fast.

    There is another issue.

    It doesn’t escape double quotes correctly.

    Try the code below

    <script>
    $(“.post-page-content”).prepend(“<h1 id=\”tmp\”>hello world</h1>”);
    </script>

    \” will be unescaped to ”

    But these code works well:

    <script>
    $(“.post-page-content”).prepend(‘<h1 id=\’tmp\’>hello world</h1>’);
    </script>

    <script>
    $(“.post-page-content”).prepend(‘<h1 id=”tmp”>hello world</h1>’);
    </script>

    <script>
    $(“.post-page-content”).prepend(“<h1 id=’tmp’>hello world</h1>”);
    </script>

    You are supposed to see the <h1> element on the page.

    Plugin Contributor Zach Wills

    (@oxymoron)

    Hey angryben,

    We’re looking into this for you. Let me know if you have any other issues.

    Thank you for reporting this and helping make WPtouch better!

    Regards,

    Zach

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘WPtouch v4.3.20 hasn’t fixed the bug’ is closed to new replies.