Improperly HTML escaping
------------------------

                 Key: WICKET-1311
                 URL: https://issues.apache.org/jira/browse/WICKET-1311
             Project: Wicket
          Issue Type: Bug
          Components: wicket
    Affects Versions: 1.3.0-final
         Environment: Web Browser ... :-)
            Reporter: Carsten


The method Strings.escapeMarkup() does not fulfill its contract.
It does NOT escape all input but instead GUESSES and so it does not escape the 
String "&#" because it assumes
an entity.
This message should not guess about its input but escape blindly.
If an entity should be "tunnelled through", there should be some kind of 
attributation.

Using the current code it's not possible to have a text value of e.g. '' 
getting properly displayed
as exactly these 5 chars.

(Try it at  http://wicketstuff.org/wicket13/compref/?wicket:interface=:0::::)



-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
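
The round-trip failure the report describes, as an added example that is not Wicket's code and not part of the original report: `guessingEscape` is a hypothetical model of the behaviour described above, `blindEscape` is the contract the reporter asks for, and `browserDecode` is a simplified stand-in for how a browser decodes text content. All names and sample values are constructed for illustration.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class EscapeRoundTrip {
    static String escapeChar(char c) {
        switch (c) {
            case '&': return "&amp;";
            case '<': return "&lt;";
            case '>': return "&gt;";
            case '"': return "&quot;";
            default:  return String.valueOf(c);
        }
    }
    // Escapes every special character without inspecting what follows it.
    static String blindEscape(String s) {
        StringBuilder out = new StringBuilder();
        for (int i = 0; i < s.length(); i++) out.append(escapeChar(s.charAt(i)));
        return out.toString();
    }
    // Hypothetical model of the reported behaviour: "&#" is taken for an entity and left alone.
    static String guessingEscape(String s) {
        StringBuilder out = new StringBuilder();
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            boolean guessedEntity = c == '&' && i + 1 < s.length() && s.charAt(i + 1) == '#';
            out.append(guessedEntity ? "&" : escapeChar(c));
        }
        return out.toString();
    }
    // Simplified browser stand-in: decodes decimal references and four named ones, in one pass.
    static final Pattern REF = Pattern.compile("&(?:#(\\d{1,5})|(amp|lt|gt|quot));");
    static String browserDecode(String html) {
        Matcher m = REF.matcher(html);
        StringBuffer sb = new StringBuffer();
        while (m.find()) {
            String n = m.group(2);
            String text = m.group(1) != null ? new String(Character.toChars(Integer.parseInt(m.group(1))))
                    : n.equals("amp") ? "&" : n.equals("lt") ? "<" : n.equals("gt") ? ">" : "\"";
            m.appendReplacement(sb, Matcher.quoteReplacement(text));
        }
        m.appendTail(sb);
        return sb.toString();
    }
    public static void main(String[] args) {
        String[] inputs = { "&#65;", "AT&T <b>", "&#60;b&#62;" }; // constructed sample values
        for (String in : inputs)
            for (String esc : new String[] { guessingEscape(in), blindEscape(in) })
                System.out.printf("%-12s -> %-22s shown as %-12s roundTrip=%b%n", in, esc, browserDecode(esc), browserDecode(esc).equals(in));
    }
}
```

Only the inputs containing "&#" lose their round trip under the guessing escaper; the blind escaper displays every input as the exact characters that were supplied.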