Some images in ubercart still use the HTML 4 ending ">" instead of XHTML "/>".
A fulltext search for "Only local images are allowed. - uc_2checkout_payment_method
- uc_credit_payment_method
- etc

Maybe there is more of this in other submodules.

Thanks!

CommentFileSizeAuthor
#6 643468-image-tags.patch5.01 KBtr
#2 643468-image-tags.patch5.01 KBtr

Comments

donquixote’s picture

The built-in sanitizer has removed a part of my post.
Here is the full version with the < properly escaped as &lt;

Some images in ubercart still use the HTML 4 ending ">" instead of XHTML "/>".
A fulltext search for "<img" in ubercart/payment finds the following:
- uc_2checkout_payment_method
- uc_credit_payment_method
- etc

Maybe there is more of this in other submodules.

Thanks!

tr’s picture

Assigned: Unassigned » tr
Status: Active » Needs review
StatusFileSize
new5.01 KB

I did a search and rolled a patch to fix all occurrences I could find.

rvilar’s picture

@TR Your patch looks good but in "payment/uc_credit/uc_credit.module" line 1004 you have closed the /a tag intead the /img tag:

- .' Only local images are allowed. '
+ .' Only local images are allowed.
'

The correct solution is:

+ .' Only local images are allowed. '

rvilar’s picture

Status: Needs review » Needs work

Changing the status

rvilar’s picture

The built-in sanitizer has removed a part of my post...

@TR Your patch looks good but in "payment/uc_credit/uc_credit.module" line 1004 you have closed the /a tag intead the /img tag:

- .' <img src="'. $path .'/images/info.png" onclick="cvv_info_popup();" style="cursor: pointer; position: relative; top: 3px;"> <a style="cursor: pointer; font-weight: normal;" onclick="cvv_info_popup();">'
+ .'<img src="'. $path .'/images/info.png" onclick="cvv_info_popup();" style="cursor: pointer; position: relative; top: 3px;"> <a style="cursor: pointer; font-weight: normal;" onclick="cvv_info_popup();" />'

The correct solution is:

+ .'<img src="'. $path .'/images/info.png" onclick="cvv_info_popup();" style="cursor: pointer; position: relative; top: 3px;" /> <a style="cursor: pointer; font-weight: normal;" onclick="cvv_info_popup();">'
tr’s picture

Status: Needs work » Needs review
StatusFileSize
new5.01 KB

Re-rolled patch to fix #5. Thanks for catching that.

Island Usurper’s picture

Status: Needs review » Fixed

Thanks, guys. Looks good.

Committed. Now, I wonder what people are going to do when they want to make an HTML 5 theme....

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.