On Fri, Feb 14, 2014 at 12:56:49PM -0500, Dalal, Kamber Z wrote: > My Custom Field value is: > > srch=abcd&earliest=klmtime&latest=xyztime > > In the Custom Field definition link value to is set as: > > http://myweb.domain.com/__CustomField__ > > The URL being generated is > http://myweb.domain.com/srch%3Dabcd%26earliest%3Dklmtime%26latest%3Dxyztime > > Instead of what should be: > > http://myweb.domain.com/srch=abcd&earliest=klmtime&latest=xyztime
Thanks - with better data I can now see what's happening.
RT makes a number of checks on the Custom Field content to protect
your users. Since Custom Fields could contain data from a malicious
user, we try to detect and avoid javascript and data URIs and block
them, and we URI Escape all user inputted data before generating the
link.
The relevant method is in ObjectCustomFieldValue.pm called
_FillInTemplateURL and you can see that it has configuration:
CustomField => { value => sub { $_[0]->Content }, escape => 1 },
You would need to define an ObjectCustomFieldValue_Local.pm to redefine
that method and avoid escaping on that one CF value unfortunately.
-kevin
pgp82gIYKTHBp.pgp
Description: PGP signature
-- RT Training London, March 19-20 and Dallas May 20-21 http://bestpractical.com/training
