Skip to content
Snippets Groups Projects
Commit b2d9f4ec authored by Oliver Hader's avatar Oliver Hader Committed by Oliver Hader
Browse files

[BUGFIX] Allow HTML node onclick events in generated frontend markup 

`ContentObjectRenderer` and `AbstractMenuContentObject` are still relying
HTML event attribute `onclick` to open new client window instances,
which were (correctly) removed by HTML sanitizer.

In order to keep the functionality, exceptional declarations have been
added, and `vHWin=window.open(...)` substituted by `openPic(...)`.

Resolves: #94866
Releases: master, 11.3, 10.4, 9.5
Change-Id: I961746b3776d12f302933ebb775ab215bdcd85ab
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/70551


Tested-by: default avatarBenni Mack <benni@typo3.org>
Tested-by: default avatarcore-ci <typo3@b13.com>
Tested-by: default avatarOliver Hader <oliver.hader@typo3.org>
Reviewed-by: default avatarBenni Mack <benni@typo3.org>
Reviewed-by: default avatarOliver Hader <oliver.hader@typo3.org>
parent ab1d989c
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 32 additions and 7 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment