Feedback writes username and email to watchdog log as

name <name@email.com>

which is read by the browser and parsed as HTML, instead it should write

name &lt;name@email.com&gt;

to have the browser print the characters, not attempt to parse it as a tag.

I've also modified Feedback to write name, email, subject as well as the message body to the log so I can see if emails weren't delivered. I also included a mailto: link that quotes subject and body for writing replies easily.

Comments

sun’s picture

sun
Primary language German
Location Karlsruhe
commented
Status: Active » Closed (won't fix)

Development on Feedback module v1.x has ended. Beginning from 2.x, the Feedback module has been replaced with a completely different module with a different purpose. Please note that Feedback 2.x is not compatible with 1.x. See #279636: Turn Feedback into user feedback module for further information.

There will be a final 5.x-1.1 release with all existing and tested patches in the issue queue applied. If you need the functionality of the Feedback 1.x module, the Contact module in Drupal core as well as the contributed Webform module are recommended replacements. However, there is no migration path to those modules.

Marking as won't fix.