[
https://issues.apache.org/jira/browse/CLK-674?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12873584#action_12873584
]
Bob Schellink commented on CLK-674:
-----------------------------------
This change has been checked in. Only 5 entities are now escaped namely: " &
' < >
> Escape control values as xml entities instead of html
> -----------------------------------------------------
>
> Key: CLK-674
> URL: https://issues.apache.org/jira/browse/CLK-674
> Project: Click
> Issue Type: Improvement
> Components: core
> Affects Versions: 2.2.0
> Reporter: Bob Schellink
> Assignee: Bob Schellink
> Fix For: 2.3.0-M1
>
>
> Click escapes Control values and attributes using HTML entities, which
> doesn't play nice when returning XML payloads for Ajax requests.
> I suggest we only escape dangerous HTML characters > < " ' &, with the option
> of switching escaping off.
> Is there any reason to escape all HTML entities?
> PS: Apostrophe should be escaped as "& #039;" not "& apos;". apos is not a
> valid HTML entity
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
