perl-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stas Bekman <s...@stason.org>
Subject Re: [Patch 1.3] Apache::Util::escape_html()
Date Thu, 14 Nov 2002 07:07:00 GMT
Per Einar Ellefsen wrote:

>>>    basically, Martin has asked for single quotes to be automatically 
>>> escaped by
>>> escape_html(), alongside the other 4 escapes (<, >, &, ").
>>
>>
>> Don't we have a problem with backwards compatibility here? If people 
>> were adding extra code to escape ' without checking that it's already 
>> escaped, now if we do it in escape_html(), there is a problem as it'd 
>> be escaped twice. Thus this change will break other people's code.
> 
> 
> If it's already escaped, it can't be escaped one more time, because when 
> escaped it's become &apos;, so there's no single quote there to escape 
> again. So no backward compatibility problem.

Look what brain damage these long vacations do to people. Next time you 
think to have a long break, just say 'No!'. :)

Thanks for recovering some of my lost cells Per Einar.

>> Perhaps, escape_html() could optionally accept a range of chars to 
>> escape similar to HTML::Entities::encode_entities, and then the 
>> problem is solved without breaking anything.
> 
> 
> I think this is going a little too far, especially for 1.0. I think we 
> should just make this small change, and leave it as is afterwards.

+1.

Though it won't really matter much as the next 1.0 release probably 
won't happen any time soon :)

__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@perl.apache.org
For additional commands, e-mail: dev-help@perl.apache.org


Mime
View raw message