Sitecore FieldRenderer output differences between CMS 6.5 and 7.0

StackOverflow https://stackoverflow.com//questions/21048909

  •  21-12-2019
  •  | 
  •  

Question

I've recently been moving content and codebase from an old Sitecore CMS 6.5 installation (with quite a number of customisations) to a clean installation of CMS 7.0.

In the original site a Single-line text field had been used to render arbitrary Javascript into the page (for tracking). This worked fine and the Javascript was rendered into the page, unencoded and executed as expected.

However in the new installation I have noticed that the content is now HTML encoded, which means that it does not execute under the Sitecore 7 installation I am working with.

In my Sublayout I have a FieldRenderer like this:

<sc:FieldRenderer ID="tracker" FieldName="Script" runat="server" />

I'm not sure if there is a customisation / config that I have not migrated across, or if this is a change which has been introduced in Sitecore 7 (possibly for secuity reasons).

Can anyone shed any light on this? Do I need to create my own field type to allow the desired behaviour, or is there a way I can do this with 'out of the box' field types?

Was it helpful?

Solution

I checked GetTextFieldValue processor class from Sitecore 6.5 and from 7 and looks different

This is from Sitecore 6.5 : Sitecore.Pipelines.RenderField.GetTextFieldValue 

 public void Process(RenderFieldArgs args)
   {
      Assert.ArgumentNotNull((object) args, "args");
      string fieldTypeKey = args.FieldTypeKey;
      if (fieldTypeKey != "text" && fieldTypeKey != "single-line text")
        return;
      args.WebEditParameters.Add("prevent-line-break", "true");
    }

and this one is from Sitecore 7 : Sitecore.Pipelines.RenderField.GetTextFieldValue 

 public void Process(RenderFieldArgs args)
{
  Assert.ArgumentNotNull((object) args, "args");
  string fieldTypeKey = args.FieldTypeKey;
  if (fieldTypeKey != "text" && fieldTypeKey != "single-line text")
    return;
  args.WebEditParameters.Add("prevent-line-break", "true");
  args.Result.FirstPart = HttpUtility.HtmlEncode(args.Result.FirstPart);
}

you can see on last line of code on Process method from Sitecore 7 result is encoded. You can create your own class for GetTextField processor and add it to RenderField pipeline but I suggest you to change your field from Single Line Text to Multi Line Text or to Memo Field .

I checked Sitecore.Pipelines.RenderField.GetMemoFieldValue class on both Sitecore 6.5 and 7 and implementation is same and the result is not encoded : 

namespace Sitecore.Pipelines.RenderField
{
  /// <summary>
  /// Implements the RenderField.
  /// 
  /// </summary>
  public class GetMemoFieldValue
  {
    /// <summary>
    /// Gets the field value.
    /// 
    /// </summary>
    /// <param name="args">The arguments.</param>
    public void Process(RenderFieldArgs args)
    {
      string fieldTypeKey = args.FieldTypeKey;
      if (fieldTypeKey != "memo" && fieldTypeKey != "multi-line text")
        return;
      string linebreaks = args.RenderParameters["linebreaks"];
      if (linebreaks == null)
        return;
      args.Result.FirstPart = GetMemoFieldValue.Replace(args.Result.FirstPart, linebreaks);
      args.Result.LastPart = GetMemoFieldValue.Replace(args.Result.LastPart, linebreaks);
      args.WebEditParameters.Add("linebreak", "br");
    }

    /// <summary>
    /// Replaces the specified linebreaks.
    /// 
    /// </summary>
    /// <param name="linebreaks">The linebreaks.</param><param name="output">The output.</param>
    /// <returns>
    /// The replace.
    /// </returns>
    private static string Replace(string output, string linebreaks)
    {
      output = output.Replace("\r\n", linebreaks);
      output = output.Replace("\n\r", linebreaks);
      output = output.Replace("\n", linebreaks);
      output = output.Replace("\r", linebreaks);
      return output;
    }
  }
}

Code for GetTextField was updated on Sitecore 6.6 Update 3, you can see on release history:

Page Editor In 6.6 Update-3, the pipeline was modified to HTML encode the field value when rendering single-line text fields (ref. no. 327905). This did not work correctly in the Page Editor which displayed the encoded value. And if the user saved the page, the already encoded value would be HTML encoded again. (384997)

I hope it helps.

OTHER TIPS

It seems that a lot of people have been confused by this post and started asking more and more to get the mentioned above fix.

There seems to be a bug in the FieldRenderer that prevents rendering HTML tags Sitecore CMS does NOT HTML encode

Sitecore CMS has not HTML encoded the field value when rendering Single-Line Text fields and Links fields before version 6.6 rev. 131111 (6.6 Update-3). As a result of this issue, a page that outputs values from the Single-Line Text and Links fields do not pass the W3C Markup Validation.

According to Sitecore CMS release notes, this issue has been addressed since Sitecore CMS 6.6 rev. 131111 (aka Update-3)

Layouts and renderings

  • The pipeline did not HTML encode the field value when rendering single-line text fields and link fields. (327905) Note: Encoding the field value when rendering link fields turned out to have unintended side-effects. The field value for link fields is therefore no longer encoded in 6.6 Update-5 and later (ref. no. 382059). [Added April 17, 2013]
  • The LinkRenderer class did not encode the value of the title attribute when rendering link fields. (327905, 347361) [Updated January 15, 2014]

Then it has been improved since Sitecore CMS 6.6.0 rev. 130404 (aka Update-5)

Layouts and renderings

  • In 6.6 Update-3, the pipeline was modified to HTML encode the field value when rendering link fields (ref. no. 327905). This turned out to have unintended side-effects, for example when embedding IMGs in a link field. The field value for link fields is therefore no longer encoded in 6.6 Update-5 and later. (382059)

And since CMS 6.6.0 rev. 130529 (aka Service Pack-1)

Page Editor

  • In 6.6 Update-3, the pipeline was modified to HTML encode the field value when rendering single-line text fields (ref. no. 327905). This did not work correctly in the Page Editor which displayed the encoded value. And if the user saved the page, the already encoded value would be HTML encoded again. (384997)

Starting from version 6.6 rev. 131111 (6.6 Update-3) and higher Sitecore CMS HTML encodes the value of the Single-Line Text fields and Links fields using the HttpUtility.HtmlEncode method.

The changes has been introduced in the GetTextValue processor as well as in the Sitecore.Xml.Xsl.LinkRenderer class.

<renderField>
  ...
  <processor type="Sitecore.Pipelines.RenderField.GetTextFieldValue, Sitecore.Kernel" />
  ...
</renderField>

You can get in contact with support, they know about the issue and have a fix available. You should ask for Sitecore.Support.381846.dll

The Sitecore.Support.381846 assembly has modified GetTextFieldValue processor, where the following code line is missed. 

args.Result.FirstPart = HttpUtility.HtmlEncode(args.Result.FirstPart);

This “fix” just brings the old behavior for Single-Line Text field. In other words, it introduces the old issue with reference number #327905 (see above for details).

Why everything is broken in my Sitecore solution after upgrading to Sitecore CMS 6.6 Update-3 and higher? Because you are incorrectly using Single-Line Text field. This field type does not suppose to store HTML or JavaScript. This is a content field type to store content value. If you store HTML Markup and JavaScript in your content fields, it means that you do not follow Sitecore best practice.

Summary:

  1. There is no issue with reference number #381846 (Sitecore.Support.381846.dll) in Sitecore CMS.
  2. The actual issue #327905 has been address since Sitecore CMS 6.6 Update-3.
  3. Sitecore HTML encode Single-Line Text and Links field types.
  4. Do not store HTML and Java Script or any presentation related meta-data in content fields such as Single-Line Text. Otherwise, there is a big chance that a content editor can broke entire page presentation if incorrectly change your HTML/JavaScript in Single-Line Text field.
  5. Content and its presentation must be split and stored separately.

I hope this helps to make it clear.

Best Wishes, Oleg Burov

Update-1:

Sitecore CMS and DMS 7.2 rev. 141226 (aka 7.2 Update-3) has introduced the Rendering.HtmlEncodedFieldTypes setting in the Web.config file, which specifies a pipe-separated list of field types that should be HTML encoded when rendered by the <renderField> pipeline.

<!--  RENDERING - HTML ENCODED FIELD TYPES
      Specifies a pipe-separated list of field types that should be HTML encoded when rendered by the <renderField> pipeline.
      Default value: text|single-line text
-->
<setting name="Rendering.HtmlEncodedFieldTypes" value="text|single-line text" />

Now you can control which Sitecore field types should be or shouldn't be HTML encoded.

We had the same issue when upgrading from Sitecore 6.5 to 7.0. There seems to be a bug in the FieldRenderer that prevents rendering HTML tags. You can get in contact with support, they know about the issue and have a fix available.

You should ask for Sitecore.Support.381846.dll which needs to be integrated like so:

Replace this line in web.config

<processor type="Sitecore.Pipelines.RenderField.GetTextFieldValue, Sitecore.Kernel" />

With this

<processor type="Sitecore.Support.Pipelines.RenderField.GetTextFieldValue, Sitecore.Support.381846" />

Hope this helps.

We had this issue and found this post. We have chosen to handle it by going straight to the database and update the Single text fields using nbsp and amp, these where our primary problem areas, the steps can be repeated for each encoded character you are handling. We chose to handle the link fields manually .

By running the replace in both Master and web you can omit a republishing of the fields.

Regards Jan

SELECT TOP 18000 * FROM [uat_Sitecore_master_new].[dbo].[VersionedFields] where (Value like '%&%;%' ) and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text') --and FieldId in (SElect ItemId FROM SharedFields where Value like 'General Link')

/* FIND ALL SINGLE LINE TEXT FIELDS HAVING NBSP / SELECT Replace(Value, ' ',' '), FROM [uat_Sitecore_master_new].[dbo].[VersionedFields] where (Value like '% %') and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text')

/* REPLACE NBSP IN Single-Line Text FIELDS */ UPDATE [uat_Sitecore_master_new].[dbo].[VersionedFields] SET Value = Replace(Value, ' ',' ') where (Value like '% %') and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text')

UPDATE [uat_Sitecore_web_new].[dbo].[VersionedFields] SET Value = Replace(Value, ' ',' ') where (Value like '% %') and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text')

/* FIND ALL SINGLE LINE TEXT FIELDS HAVING AMP /
SELECT Replace(Value, '&','&'), FROM [uat_Sitecore_master_new].[dbo].[VersionedFields] where (Value like '%&%' ) and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text')

/* REPLACE AMP IN Single-Line Text FIELDS */
UPDATE [uat_Sitecore_master_new].[dbo].[VersionedFields] SET Value = Replace(Value, '&','&') where (Value like '%&%') and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text')

UPDATE [uat_Sitecore_web_new].[dbo].[VersionedFields] SET Value = Replace(Value, '&','&') where (Value like '%&%') and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text')

/* FIND ALL SINGLE LINE TEXT FIELDS HAVING ' ' /
SELECT Replace(Value, ''',''''), FROM [uat_Sitecore_master_new].[dbo].[VersionedFields] where (Value like '%'%' ) and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text')

/* REPLACE ' ' IN Single-Line Text FIELDS */
UPDATE [uat_Sitecore_master_new].[dbo].[VersionedFields] SET Value = Replace(Value, ''','''') where (Value like '%'%') and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text')

UPDATE [uat_Sitecore_web_new].[dbo].[VersionedFields] SET Value = Replace(Value, ''','''') where (Value like '%'%') and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text')

/* FIND ALL SINGLE LINE TEXT FIELDS HAVING " " /
SELECT Replace(Value, '"','"'), FROM [uat_Sitecore_master_new].[dbo].[VersionedFields] where (Value like '%"%' ) and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text')

/* REPLACE " " IN Single-Line Text FIELDS */
UPDATE [uat_Sitecore_master_new].[dbo].[VersionedFields] SET Value = Replace(Value, '"','"') where (Value like '%"%') and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text')

UPDATE [uat_Sitecore_web_new].[dbo].[VersionedFields] SET Value = Replace(Value, '"','"') where (Value like '%"%') and FieldId in (SElect ItemId FROM SharedFields where Value like 'Single-Line Text')

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top