Per Einar Ellefsen wrote:
Look what brain damage these long vacations do to people. Next time you think to have a long break, just say 'No!'. :)basically, Martin has asked for single quotes to be automatically escaped by
escape_html(), alongside the other 4 escapes (<, >, &, ").
Don't we have a problem with backwards compatibility here? If people were adding extra code to escape ' without checking that it's already escaped, now if we do it in escape_html(), there is a problem as it'd be escaped twice. Thus this change will break other people's code.
If it's already escaped, it can't be escaped one more time, because when escaped it's become ', so there's no single quote there to escape again. So no backward compatibility problem.
Thanks for recovering some of my lost cells Per Einar.
+1.Perhaps, escape_html() could optionally accept a range of chars to escape similar to HTML::Entities::encode_entities, and then the problem is solved without breaking anything.
I think this is going a little too far, especially for 1.0. I think we should just make this small change, and leave it as is afterwards.
Though it won't really matter much as the next 1.0 release probably won't happen any time soon :)
__________________________________________________________________
Stas Bekman JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide ---> http://perl.apache.org
mailto:stas@;stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org http://ticketmaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
