diff --git a/src/Forms/GridField/GridFieldDetailForm_ItemRequest.php b/src/Forms/GridField/GridFieldDetailForm_ItemRequest.php
index e3b5b8c3b..cebe22e00 100644
--- a/src/Forms/GridField/GridFieldDetailForm_ItemRequest.php
+++ b/src/Forms/GridField/GridFieldDetailForm_ItemRequest.php
@@ -541,12 +541,12 @@ class GridFieldDetailForm_ItemRequest extends RequestHandler
 'Saved {type} "{title}" successfully.',
 [
 'type' => $this->record->i18n_singular_name(),
- 'title' => Convert::raw2xml($this->record->Title)
+ 'title' => $this->record->Title
 ]
 );
 $controller = $this->getToplevelController();
- $controller->getResponse()->addHeader('X-Status', $message);
+ $controller->getResponse()->addHeader('X-Status', rawurlencode($message));
 // Redirect after save
 return $this->redirectAfterSave($isNewRecord);
@@ -779,7 +779,6 @@ class GridFieldDetailForm_ItemRequest extends RequestHandler
 */
 public function doDelete($data, $form)
 {
- $title = $this->record->Title;
 if (!$this->record->canDelete()) {
 throw new ValidationException(
 _t('SilverStripe\\Forms\\GridField\\GridFieldDetailForm.DeletePermissionsFailure', "No delete permissions")
@@ -792,7 +791,7 @@ class GridFieldDetailForm_ItemRequest extends RequestHandler
 'Deleted {type} "{name}"',
 [
 'type' => $this->record->i18n_singular_name(),
- 'name' => htmlspecialchars($title ?? '', ENT_QUOTES)
+ 'name' => $this->record->Title
 ]
 );
@@ -807,7 +806,7 @@ class GridFieldDetailForm_ItemRequest extends RequestHandler
 //when an item is deleted, redirect to the parent controller
 $controller = $this->getToplevelController();
 $controller->getRequest()->addHeader('X-Pjax', 'Content'); // Force a content refresh
- $controller->getResponse()->addHeader('X-Status', $message);
+ $controller->getResponse()->addHeader('X-Status', rawurlencode($message));
 return $controller->redirect($this->getBackLink(), 302); //redirect back to admin section
 }
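Review bot: With `Convert::raw2xml()` dropped from the `'title'` placeholder, `$message` now carries the record title unescaped, and the only protection visible in this hunk is the `rawurlencode()` applied at `addHeader('X-Status', …)`. That holds only if nothing else consumes `$message` as HTML; the `_t()` call opens above the hunk, so it is not visible whether the same string is also handed to a form or session message, and if it is, that sink needs its own escaping. The same applies to the `doDelete()` message and its `X-Status` header in the hunks at -792 and -807, where the lines between the message and the header are not shown. The client code reading `X-Status` must now URL-decode the value and insert it as text rather than markup; a comment such as `// X-Status is URL-encoded plain text; the client decodes it and must render it as text, not HTML` above each `addHeader` call would record that contract.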
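Review bot: `'name' => $this->record->Title` is now evaluated when the message is built, whereas the removed `$title = $this->record->Title;` captured the value at the top of `doDelete()`. The lines between the permission check and this `_t()` call are outside the hunks; if the record is deleted there, a `Title` that is computed from related data rather than a stored field could come back empty or different in the "Deleted" message. If that is possible, keep the early capture and drop only the escaping: `$title = $this->record->Title;` before the delete and `'name' => $title` here. `doDelete()` starts and ends outside this hunk.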