Actions
Defect #13539
closed
html entities appear in subject line (aka xml escape codes)
Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Issues
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Resolution:
Affected version:
Description
We recently performed the security fix for our 1.4.x redmine instance that involved upgrading rails:
http://www.redmine.org/news/78
... and now whenever a subject contains a special character, updating that ticket causes the escape code to be stored as the new subject.
e.g.
Ticket is opened with subject "user's email"
Someone leaves a comment
Subject is automatically changed to "user's email"
As you can imagine, it's very annoying.
I'm sure it's related to the new (and probably safer) handling of field input, but it seems that there should be an easy fix (it's just double encoded).
If this was already addressed somewhere between 1.4.4 & 1.4.7, can someone point to the fixing commit, please?
Updated by 
Updated by Toshi MARUYAMA
Actions