wyrmmage
Forum Replies Created
-
Forum: Plugins
In reply to: [WDContactFormBuilder] Doesn't sanitize HTML in textareaswebdorado,
As I mentioned above, I’ve already installed the latest version, and it still has the issue.
Would it be possible to continue discussion here? I’d rather do that than have to start a new chain of communication, if possible.
Thank you,
EliForum: Plugins
In reply to: [WDContactFormBuilder] Doesn't sanitize HTML in textareasHehe, what I’m trying to say is that the HTML tags added to the form fields are [b]not[/b] being encoded.
Forum: Plugins
In reply to: [WDContactFormBuilder] Doesn't sanitize HTML in textareasHehe, I think we’re talking past each other a bit 🙂
What I’m trying to say is that I think that the fields are [i]not[/i] being HTML encoded, as when I input HTML in a form field (as the end user), it [i]does[/i] work, when it should not.
If you try taking this code
Hi there, I'm trying to contact you about an issue. <b>This should not show up as bold in the email, but in my case, it does.</b>and paste it into a textarea in the form, then at least for me, the text that’s in the bold tags is bold inside the email.
Does that help at all?
Thank you 🙂
Forum: Plugins
In reply to: [WDContactFormBuilder] Doesn't sanitize HTML in textareasI’ve tried installing the latest version, but I’m afraid it still has the same issue. Would you mind trying it out by copying
Hey, I'm having some issues with the HTML that you sent me. I've been putting this code in for the image, but I can't get it working :\ <img src="someImage.png">into a textarea in the form and then emailing it to yourself in HTML mode? With me, the HTML is interpreted, instead of being shown.
Forum: Plugins
In reply to: [WDContactFormBuilder] Doesn't sanitize HTML in textareasWell, what I meant was that it would be nice if HTML characters in tokens (like %all%) were sanitized when outputted in an HTML email.
For instance, let’s say that someone puts in your contact form the below code.
Hey, I'm having some issues with the HTML that you sent me. I've been putting this code in for the image, but I can't get it working :\ <img src="someImage.png">and then your email template looks like this:
You’ve received an email!
%all%The end result is that the email will be sent with the image HTML embedded directly into the email, and the email client will likely render the image or strip it for safety reasons, instead of displaying what was originally entered in the form. It would be nice if instead the tokens were run through something that converted HTML special characters into HTML entities, so the resulting email would be something like this:
You’ve received an email!
Hey, I’m having some issues with the HTML that you sent me. I’ve been putting this code in for the image, but I can’t get it working :\<img src=”someImage.png”>
When the email client would render the above code, then it would turn the entities back into normal characters, so that the text that was shown in the email would look like the text that was originally put in the form 🙂
Does that help at all? If not, I can try to explain it in more detail or in a different way.
Forum: Plugins
In reply to: [WDContactFormBuilder] Doesn't sanitize HTML in textareaswebdorado, thank you; that’s good to know. I think it would still be nice to be able to sanitize just the tokens (if that’s what you call them? Things like %all%), though.