From b5d045d34d5c3521901769e81713e734d003c6e6 Mon Sep 17 00:00:00 2001 From: Mauro Cassani Date: Thu, 12 Mar 2026 18:24:04 +0100 Subject: [PATCH 1/2] Added `html_entity_decode` before saving instructions --- lib/Controller/API/V3/FileInfoController.php | 2 +- lib/Model/ProjectManager/ProjectManager.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/Controller/API/V3/FileInfoController.php b/lib/Controller/API/V3/FileInfoController.php index b8dec9f3a6..633cb5704e 100644 --- a/lib/Controller/API/V3/FileInfoController.php +++ b/lib/Controller/API/V3/FileInfoController.php @@ -112,7 +112,7 @@ public function setInstructions(): void $instructions = $this->request->param('instructions'); $filesInfoUtility = new FilesInfoUtility($this->chunk); - $instructions = $this->featureSet->filter('decodeInstructions', $instructions); + $instructions = html_entity_decode($instructions); if (empty($instructions)) { throw new InvalidArgumentException("Empty instructions provided"); diff --git a/lib/Model/ProjectManager/ProjectManager.php b/lib/Model/ProjectManager/ProjectManager.php index db65335e07..b0f8eb2b15 100644 --- a/lib/Model/ProjectManager/ProjectManager.php +++ b/lib/Model/ProjectManager/ProjectManager.php @@ -2495,7 +2495,7 @@ protected function _insertFiles($_originalFileNames, $sha1_original, $cachedXlif */ protected function _insertInstructions($fid, $value): void { - $value = $this->features->filter('decodeInstructions', $value); + $value = html_entity_decode($value); $this->filesMetadataDao->insert($this->projectStructure['id_project'], $fid, 'instructions', $value); } From 4076281b21ca28985a8926353a9b032cea1a5559 Mon Sep 17 00:00:00 2001 From: Mauro Cassani Date: Mon, 16 Mar 2026 15:44:47 +0100 Subject: [PATCH 2/2] encodeInstructions --- lib/Controller/API/V1/NewController.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/lib/Controller/API/V1/NewController.php b/lib/Controller/API/V1/NewController.php index 89c530cff0..dcd2e03656 100644 --- a/lib/Controller/API/V1/NewController.php +++ b/lib/Controller/API/V1/NewController.php @@ -403,10 +403,8 @@ private function validateTheRequest(): array 'flags' => FILTER_REQUIRE_ARRAY, 'options' => function ($value) { $value = Utils::stripTagsPreservingHrefs($value); - /** - * Uber plugin callback - */ - return $this->featureSet->filter('encodeInstructions', $value); + + return htmlentities($value); } ] );