'\r\n' special characters appear using certain text in string fields

book

Article ID: 122837

calendar_today

Updated On:

Products

Clarity PPM On Premise Clarity PPM SaaS

Issue/Introduction

Character issue when creating status reports, updating ideas, etc, where special characters such as \r\n \\r\\n1, \\r\\n2, \\r\\n3 appear. Example field where users may see the issue is in the Key Accomplishments field or a Comments field in an Idea.

It happens if there is a parenthesis with certain key words. If you remove the parenthesis, the issue goes away. 

Steps to Reproduce

  1. For a project, go to Properties > Status Reports (cop_prj_statusrpt)
  2. Create a new Status Report
  3. Copy and paste the following text into the Status Report Update attribute (or any other long String type field such as Key Accomplishments, Upcoming Activities...)
Some text.
Confirm (something else).
  1. Save the Status Report

Expected Results: The text is saved as it was copied or typed.

Actual Results: Special characters will appear. The text will look like this: Some text.\r\nConfirm (something else).

Cause

This was reported as DE45234 and it is not a defect. The text contains the JavaScript function "confirm (any string here)" to display the confirmation message box, which Clarity escapes to avoid potential XSS attacks.

You will see the same for the following keywords:

(retrieval | alert | eval | expression | prompt | confirm)[\r\n\s]*\((.*?)\)

Resolution

Refrain from using this type of strings in text fields.

  • Use square brackets "[" "]" or curly braces "{" "}" instead of parenthesis "(" ")" and the system will not encode the string.
  • Another option is to rename the keyword such as 'exp' instead of expression