As title. Previously, goal names and patterns were escaped in the Goals controller by calling the
Common::sanitizeInputValue() method, and then outputted w/
|raw in twig. This PR removes the manual escaping in the Goals controller and removes the
|raw filters in related twig files. It also makes sure jqplot evolution graphs escape series and metric names before displaying tooltips.
This fixes #7969, because goal data is used in the JSON jqplot graph data, and since it was escaped in the PHP, it ended up escaped in the JSON. Then jqplot escaped it again.
Awesome :+1: An update script might be needed to unsanitize existing values in database?
Goal names are stored unsanitized. And they were sanitized in PHP, and outputted w/o escaping in twig. Different from every other part of Piwik, and yet, still wrong. Hooray for inconsistency :)
Haha ok I wasn't expecting that :)