You are not logged in.
Hi,
in Version 0.80.4 (or before) we created in the Knowledge Base of glpi some articels with inline images with the tinymce editor. It worked perfect. Before some weeks we updated to to 0.83.4. We noticed that these articels couldnt be rendered any more. We see the base64 stream of the images. But the Tinymce editor did show it correctly in glpi.
Looking at the html code there was a denied befor the data variable and it couldnt handel the no image type *:
it was:
<img style="height: 3.069cm; width: 17cm;" src="denied:data:image/*;base64,iVBORw..
we changed it to
<img style="height: 3.069cm; width: 17cm;" src="data:image/png;base64,iVBORw
the png we added could add in Tinymce
I found in the library lib/htmlawd/htmlawd.php in line 337 and the if clase before where the denied was added.
When I changed (what isnt a solution, but I didnt understand the if clase) for a test
return "{$b}{$d}{$p}{$a}";
to
return "{$b}{$p}{$a}";
the denied disappeard. And the first images did show up.
But now there came up a second problem only for some images. For these the line wasnt:
<img style="height: 3.069cm; width: 17cm;" src="data:image/png;base64,
it was
<img style="height: 3.069cm; width: 17cm;" src="data:image/png;base64,
I couldnt find any reason for this. It seemed that all lines hat the same stucture.
Does GLPI support inline images? it seemed in 0.80.x. In which case it will reformat < to <?
Thanks for your help
Holger
Offline
Hi,
Someone from GLPI Team can look at this problem, I have exactly the same ?
Thanks...
Offline
Please do not use the suggestion above.
This will introduce additional vulnerabilities.
Check my post here for a fix.
http://sysengineers.wordpress.com/2013/ … ledgebase/
Anywayz, I hope this helps,
Regards,
Last edited by chris.gralike@amis.nl (2013-10-29 13:54:58)
\\ [-_-] //
|||
// \\
Offline