TinyMCE has a default entity_encoding 'named',
which causes text with diacritic symbols to be converted to HTML entities,
e.g. pâté will be convert to pâté
That will be a problem with the Glossary auto-linking filter if a course has a text concept like pâté,
then the filter will likely fail to get the text concept.
Changing the TinyMCE entity_encoding to 'raw' will resolve the problem.
When the user picture is being rendered as a link but the user's full
name is not being included in the link and the alt text turns out to be
empty, we could end up with a link without a discernible text. This is
an accessibility issue that will affect screen reader users. If this is
the case, use the full name as the user picture's alt text.
Since custom menu items were merged into the primary navigation/more
menu as part of 56c34d71 and related work, the "title" attribute of
each custom menu item was lost.
Ensure that the following both return consistently, so that filepicker
form elements behave the same for each when defining "accepted_types":
'.html, .txt'
['.html', '.txt']
By using a more explicit selector for matching containers we avoid
previous problems such as incorrect count, and collapsing of elements
that had the same class name.
The problem is that HTML Purifier is not compatible with Markdown,
that means we cannot sanitise Markdown texts before editing.
Luckily Markdown has to use plain text editor which does not have
XSS problems.
The only tiny downside is that Markdown cannot be allowed
in "trust text" areas any more.
Introduce a lang string `questioniconfollowlangdirection` that will
allow the current behaviour of displaying the question mark icon
in RTL languages in the same manner as the current language.
This fixes the changes made in MDL-75047:
* Change `thisicondirection` langconfig string to a more specific one
like `questionicondirection`.
* Use existing direction string value `ltr` for the value of
`questionicondirection`. Also add a comment to at least provide some
form of documentation for it.
* Improve the logic for applying the horizontal flipping class for the
question icon:
- Check first if the icon is a question icon
- Flip the icon if `questionicondirection` is set to `rtl`.
This is in keeping with other Editors such as Atto and resolves an issue
where DOM Purification incorrectly identifies HTML-like string content
as an HTML tag with a JS variable.
Moodle already performs XSS sanitisation using HTML Purifier in PHP.
