tracker issue : CF-4198402

Title:

GetSafeHTML truncates strings with some tags


Status/Resolution/Reason: To Track//ThirdParty

Reporter/Name(from Bugbase): David Mitchell / David Mitchell ()

Created: 03/13/2017

Components: Language, String Functions

Versions: 2016,11.0

Failure Type: Data Loss

Found In Build/Fixed In Build: ColdFusion 11 Update 11 /

Priority/Frequency: Critical / All users will encounter

Locale/System: / Windows 10 64 bit

Vote Count: 0

Problem Description:
Since Update 11, when using getSafeHTML with the default policy, certain tags which are defined to be removed by the policy truncate all data following the end tag (in addition to the tag itself) if they are the first tag in the string.

We have noticed this behavior on the <frame> tag. This behavior is in conflict with the behavior of the <iframe> tag, which has the same policy action applied to it. And different yet again is the behavior of the <frameset> tag.

Steps to Reproduce:
<cfscript>
	frame = '<frame>remove</frame><div>should not be removed</div>';
	writedump("before [" & frame & "]");
	writeoutput("<br>");
	writedump("after [" & getSafeHTML(frame) & "]");
</cfscript>

Actual Result:
before [<frame>remove</frame><div>should not be removed</div>]
after []

Expected Result:
before [<frame>remove</frame><div>should not be removed</div>]
after [<div>should not be removed</div>]
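
The expected behaviour described in this report, as an added example that is not part of the bug report and is not ColdFusion's code: a small allowlist sanitizer written in Python on the standard-library html.parser, which removes the policy's disallowed elements together with their content while keeping everything that follows them, so the report's own input yields the Expected Result above. The tag lists, the attribute allowlist and the truncating stand-in are constructed for illustration and do not describe ColdFusion's real default policy or the cause of the reported defect; check_no_truncation is the kind of regression test that detects the data-loss failure mode the report describes, for any sanitizer passed to it.

```python
from html import escape
from html.parser import HTMLParser

# Constructed policy for illustration (not ColdFusion's real default policy):
# elements whose tag AND content are dropped, elements passed through, and the
# attributes kept on passed-through elements.
REMOVE_WITH_CONTENT = {"frame", "iframe", "frameset", "script", "style"}
ALLOWED_TAGS = {"a", "b", "br", "div", "em", "i", "li", "ol", "p", "span", "strong", "ul"}
ALLOWED_ATTRS = {"href", "title", "class"}
VOID_TAGS = {"br"}


class PolicySanitizer(HTMLParser):
    """Allowlist sanitizer: drop removed elements with their content, drop
    unknown tags but keep their text, re-escape all text, close open tags."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self.removed = []    # stack of removed elements we are currently inside
        self.open_tags = []  # allowed elements emitted and not yet closed

    def handle_starttag(self, tag, attrs):
        if self.removed:
            # Nested removed element: push it so the matching end tag, not the
            # first end tag we see, ends the skipped region.
            if tag in REMOVE_WITH_CONTENT:
                self.removed.append(tag)
            return
        if tag in REMOVE_WITH_CONTENT:
            self.removed.append(tag)
            return
        if tag not in ALLOWED_TAGS:
            return  # unknown tag: drop the tag itself, keep its text content
        kept = "".join(
            f' {name}="{escape(value or "", quote=True)}"'
            for name, value in attrs
            if name in ALLOWED_ATTRS
        )
        self.out.append(f"<{tag}{kept}>")
        if tag not in VOID_TAGS:
            self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if self.removed:
            if tag in self.removed:
                # Pop down to the matching removed element; an unclosed inner
                # element (e.g. a void <frame>) must not swallow the rest.
                while self.removed.pop() != tag:
                    pass
            return
        if tag in self.open_tags:
            # Close down to the matching element so the output stays well-formed.
            while self.open_tags:
                closed = self.open_tags.pop()
                self.out.append(f"</{closed}>")
                if closed == tag:
                    break

    def handle_data(self, data):
        if not self.removed:
            self.out.append(escape(data, quote=False))

    def close(self):
        super().close()
        while self.open_tags:  # close anything the input left open
            self.out.append(f"</{self.open_tags.pop()}>")


def get_safe_html(fragment):
    """Stand-in for the expected behaviour of getSafeHTML under this policy."""
    parser = PolicySanitizer()
    parser.feed(fragment)
    parser.close()
    return "".join(parser.out)


def check_no_truncation(sanitize, prefix, tail):
    """Regression check for the data-loss failure mode in the report: whatever
    the sanitizer makes of `tail` on its own must still be present when `tail`
    follows a removed element. Returns True when nothing was truncated."""
    return sanitize(tail) in sanitize(prefix + tail)


def truncating_stand_in(fragment):
    """Constructed stand-in that reproduces the reported symptom (everything
    from the first <frame> onward disappears). Not ColdFusion's code and not a
    claim about the real cause; it only gives the check a failing case."""
    cut = fragment.find("<frame>")
    return fragment if cut < 0 else fragment[:cut]


if __name__ == "__main__":
    # The report's own input; per the report only the <div> should survive.
    sample = "<frame>remove</frame><div>should not be removed</div>"
    print("before [" + sample + "]")
    print("after  [" + get_safe_html(sample) + "]")
    prefix, tail = "<frame>remove</frame>", "<div>should not be removed</div>"
    print("truncation check, sanitizer:", check_no_truncation(get_safe_html, prefix, tail))
    print("truncation check, stand-in: ", check_no_truncation(truncating_stand_in, prefix, tail))
```

Running the block prints the report's "before" and "after" lines with the Expected Result, then True for the allowlist sanitizer and False for the stand-in. The check is sanitizer-agnostic: feed it the output of any HTML sanitizer (for instance by wrapping a call into the real platform) and it flags the case where content following a removed element goes missing.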
Any Workarounds:

Attachments:

Comments: