Notifications

38 views

Description

When the system property '"glide.ui.escape_text" is set to true, if an HTML field is updated with the style tag and is added on the activity stream, the style gets applied to the entire form.

Steps to Reproduce

1. If you have high security activated, set the system propertys "glide.ui.escape_text" to true.
2. Clear cache (cache.do).
3. Go to the incident form (incident.do).
4. Use Configure > Form Layout to add an HTML Field called "Test HTML".
6. Open the newly created record and update the 'Test HTML' field with the following value in HTML source:

<p>&nbsp;</p>
<style><!--
body { margin: 0; padding: 0; font-family: "verdana"; font-size: 75%; text-decoration: none; color: #7b7b7b; background: #FFF; } img { border: none } width: 98%; margin: 10px 15px; padding: 0; } table.emailContent { width: 602px;<span id="CmCaReT"></span> margin: 0; padding: 0; background: #FFF; } table.emailContent td.header { background: #297779; color: #FFF; text-decoration: none; } table.emailContent td.header h1 { margin: 0; padding-left: 6px; line-height: 2em; font-family: "verdana"; font-size: 1.4em; text-decoration: none; color: #FFF; } table.emailContent td.content { background: #dce7ee; color: #5588a9; text-decoration: none; } table.emailContent tr td p { margin: 8px 15px; line-height: 1.8em; } table.emailContent tr td ul.indented { font-style: italic; /*padding: 4px 4px 15px 45px;*/ } img.link {margin: 4px 20px}
--></style>
<p>&nbsp;Test</p>

7. Go to the activity section and click on the Funnel (Filter) icon.
8. Scroll down and click on "Configure availble fields" link.
9. Add the "Test HTML" field in the slushbucket. The form's labels change to small due to the style applied to entire form from the 'Test HTML' field.

This behaviour can also be reproduced by simply adding the following into either the 'Work notes' or 'Additional comments' field, within [code][/code] tags:

<style>body { font-size: 16pt; color: rgb(150, 150, 150); }</style>

Other such style tags could have an even more detrimental effect, for example <style>body { display:none; }</style> would blank the entire form.

Workaround

This problem is fixed in all currently supported releases. Review the Fixed In section to determine the latest version with a permanent fix your instance can be upgraded to.


Related Problem: PRB1319070

Seen In

London

Fixed In

New York

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2020-07-19 00:16:15
Published:2020-07-19