Hi there,

I've just got a severe display error on couchcms 1.4.7. Some html tags are shown on some of my pages... <fieldset><legend>

When clicking ctrl-u in firefox, I see that couch converted < to &lt; and > to &gt;
When I try to change this in source mode, the changes don't take effect. The tags are still shown. And couch additionally adds a <p>-tag without my contribution. The interesting part is, when I download the source-file from server, the code is all right! Obviously, couch makes these changes happen. I don't see any possibility to change that. What could be the problem? How can I solve that display error?

django

[trendoman]

This behavior is often relevant to richtext editor. I'm 100% sure, Couch has nothing to do with what happens. However, if you could provide more info (source, screenshots, temporary ftp) then we are happy to help here.

HEy trendoman, you may be right that it is not couch causing this display error but ckeditor.
The following image shows the problem:

panel-1.PNG (25.65 KiB) Viewed 2450 times

I underscored the regions that cause the problem. You see there for example '&lt;'
But instead the sign itself '<' should be shown and not the html equivalent. Changing '&lt;' to '<' does not change anything in source mode of the richtext editor. But, as already described, when l login to my server via ftp and check the original source file contact.php, everything is normal:

source1.PNG (9.79 KiB) Viewed 2450 times

But when I look in firefox at the source code by clicking ctrl-u, I get the following result:

source2.PNG (13.74 KiB) Viewed 2450 times

So it's quite confusing. Actually it's the one and same content shown differently. May it's a security feature of the ckeditor that turns all tag signs < and > to its html equivalent exactly what the PHP function htmlspecialchars does?

django

Just want to let you know that I could solve it on my own by moving

Code: Select all

<cms:editable name='main_content' toolbar='full' css="<cms:embed 'global/editableCSS.html' />" type='richtext'>

behind

Code: Select all

<fieldset><legend>Kontakt</legend>

As fieldset and legend aren't inside the <cms:editable> tag anymore, it works now fine. But still I don't understand the display error I had before. If you know what it was I would appreciate a reply. Thanks!

django

[trendoman]

@django, isn't it about the XSS check also? Couch prevents script attacks. Check this to disable this feature:
http://www.couchcms.com/docs/tags-reference/embed.html

Ah, this seems to be a very good point! Thanks for the support trendoman...

django

[trendoman]

You are welcome!