diff --git a/controllers/BaseController.php b/controllers/BaseController.php
index eacbcbba..284843ac 100644
--- a/controllers/BaseController.php
+++ b/controllers/BaseController.php
@@ -229,12 +229,12 @@ class BaseController
 if (!is_bool($value) && !is_array($value))
 {
 $value = self::$htmlPurifierInstance->purify($value);
- }
- // Allow some special chars
- if (!is_array($value))
- {
+ // Allow some special chars
+ // Maybe also possible through HTMLPurifier config (http://htmlpurifier.org/live/configdoc/plain.html)
 $value = str_replace('&', '&', $value);
+ $value = str_replace('>', '>', $value);
+ $value = str_replace('<', '<', $value);
 }
 }
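Review bot: The two added `str_replace` calls for `>` and `<` run after `purify()` and turn the angle brackets it had encoded back into literal characters, so the value leaving this block is no longer safe to emit into HTML without escaping. The search strings are presumably the entities (`&amp;`, `&gt;`, `&lt;`) and appear decoded on this page; if so, the chained calls also decode twice, so an input of `&amp;lt;` ends up as `<`. If literal brackets are needed in stored values, I would keep this but do it in one pass, `$value = strtr($value, ['&amp;' => '&', '&gt;' => '>', '&lt;' => '<']);`, and add `// Value is plain text from here on; every view must escape it on output` above it. Otherwise leave the purified value as is and decode only where a plain-text consumer needs it. The enclosing method starts and ends outside the hunk, so whether all output paths escape cannot be confirmed from here.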