From e118e044c20e6fe953b368ae5c43511de210ef63 Mon Sep 17 00:00:00 2001
From: Benni Mack <benni@typo3.org>
Date: Fri, 22 Jan 2016 08:31:14 +0100
Subject: [PATCH] [!!!][TASK] RTE transformations: Remove hsc options

The option to re-convert htmlspecialchars() between transformations
RTE and DB is always on, in order to clean HTML is always turned
on, meaning that the HTMLcleaner() method will not do htmlspecialchars() at all by default.

As these additional options is now obsolete with the current rtehtmlarea
extension (thus, always "enabled"), the options are removed.

Resolves: #72889
Releases: master
Change-Id: I6092054c65a031615546ceff9ee70a94f3033ec7
Reviewed-on: https://review.typo3.org/46145
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Markus Sommer <markussom@posteo.de>
Tested-by: Markus Sommer <markussom@posteo.de>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
---
 .../core/Classes/Html/RteHtmlParser.php       |  8 ++----
 ...rHtmlspecialcharsTransformationOptions.rst | 27 +++++++++++++++++++
 .../PageTSconfig/Proc/pageTSConfig.txt        |  4 ---
 3 files changed, 29 insertions(+), 10 deletions(-)
 create mode 100644 typo3/sysext/core/Documentation/Changelog/master/Breaking-72889-RemovedRteHtmlParserHtmlspecialcharsTransformationOptions.rst

diff --git a/typo3/sysext/core/Classes/Html/RteHtmlParser.php b/typo3/sysext/core/Classes/Html/RteHtmlParser.php
index 45be33b63039..f35e214fe6bd 100644
--- a/typo3/sysext/core/Classes/Html/RteHtmlParser.php
+++ b/typo3/sysext/core/Classes/Html/RteHtmlParser.php
@@ -908,9 +908,7 @@ class RteHtmlParser extends HtmlParser
         $keepTags = $this->getKeepTags('db');
         // Default: remove unknown tags.
         $keepUnknownTags = (bool)$this->procOptions['dontRemoveUnknownTags_db'];
-        // Default: re-convert literals to characters (that is &lt; to <)
-        $hSC = $this->procOptions['dontUndoHSC_db'] ? 0 : -1;
-        return $this->HTMLcleaner($content, $keepTags, $keepUnknownTags, $hSC);
+        return $this->HTMLcleaner($content, $keepTags, $keepUnknownTags);
     }
 
     /**
@@ -1124,8 +1122,6 @@ class RteHtmlParser extends HtmlParser
         $keepTags = $this->getKeepTags('rte');
         // Default: remove unknown tags.
         $kUknown = $this->procOptions['dontProtectUnknownTags_rte'] ? 0 : 'protect';
-        // Default: re-convert literals to characters (that is &lt; to <)
-        $hSC = $this->procOptions['dontHSC_rte'] ? 0 : 1;
         $convNBSP = !$this->procOptions['dontConvAmpInNBSP_rte'] ? 1 : 0;
         // Divide the content into lines, based on LF:
         $parts = explode(LF, $value);
@@ -1136,7 +1132,7 @@ class RteHtmlParser extends HtmlParser
                 $parts[$k] = '&nbsp;';
             } else {
                 // Clean the line content:
-                $parts[$k] = $this->HTMLcleaner($parts[$k], $keepTags, $kUknown, $hSC);
+                $parts[$k] = $this->HTMLcleaner($parts[$k], $keepTags, $kUknown);
                 if ($convNBSP) {
                     $parts[$k] = str_replace('&amp;nbsp;', '&nbsp;', $parts[$k]);
                 }
diff --git a/typo3/sysext/core/Documentation/Changelog/master/Breaking-72889-RemovedRteHtmlParserHtmlspecialcharsTransformationOptions.rst b/typo3/sysext/core/Documentation/Changelog/master/Breaking-72889-RemovedRteHtmlParserHtmlspecialcharsTransformationOptions.rst
new file mode 100644
index 000000000000..d97675e0030c
--- /dev/null
+++ b/typo3/sysext/core/Documentation/Changelog/master/Breaking-72889-RemovedRteHtmlParserHtmlspecialcharsTransformationOptions.rst
@@ -0,0 +1,27 @@
+==================================================================================
+Breaking: #72889 - Removed RteHtmlParser htmlspecialchars() transformation options
+==================================================================================
+
+Description
+===========
+
+The TSconfig options ``RTE.default.proc.dontHSC_rte`` and ``RTE.default.proc.dontUndoHSC_db`` were removed from the TYPO3 Core.
+
+
+Impact
+======
+
+Setting these options have no effect anymore.
+
+
+Affected Installations
+======================
+
+Any installation using these options for properly applying htmlspecialchars() to the RTE content when cleaning the HTML
+input from an RTE and vice versa.
+
+
+Migration
+=========
+
+Use ``entryHtmlParser`` and ``exitHtmlParser`` to apply htmlspecialchars while transforming content from the RTE or to the RTE.
\ No newline at end of file
diff --git a/typo3/sysext/rtehtmlarea/Configuration/PageTSconfig/Proc/pageTSConfig.txt b/typo3/sysext/rtehtmlarea/Configuration/PageTSconfig/Proc/pageTSConfig.txt
index 2ee5bde67e36..0d4754bcad69 100644
--- a/typo3/sysext/rtehtmlarea/Configuration/PageTSconfig/Proc/pageTSConfig.txt
+++ b/typo3/sysext/rtehtmlarea/Configuration/PageTSconfig/Proc/pageTSConfig.txt
@@ -45,10 +45,6 @@ RTE.default.proc {
 		## REMAP BOLD AND ITALIC TO STRONG AND EMPHASIS AND VICE VERSA
 	transformBoldAndItalicTags = 1
 
-		## ALLOW TO WRITE ABOUT HTML
-	dontUndoHSC_db = 1
-	dontHSC_rte = 1
-
 		## CONTENT TO DATABASE
 	entryHTMLparser_db = 1
 	entryHTMLparser_db {
-- 
GitLab