I've noticed two things related to escaping entities that have caused
problems and don't seem right over the last few days:
1) Post titles are being escaped before being saved to a database, ie:
"Some & Thing" is the content in the DB. This doesn't seem
intentional, as it's only happening with content created via the admin
(posts pulled in from WordPress aren't escaped). This may be part of
SuperGlobals / InputFilter that isn't intended, but content shouldn't be
escaped when saved, only when output.
2) Post content isn't being escaped on output. I know this is somewhat
intentional, since we want to allow things like javascript to be
included in a post. Still, when & isn't escaped in the content it can
cause problems. I'm not sure how to fix this, but it definitely seems
that if we run AutoP on content it should escape entities.
Anyone know why post titles are being escaped but content isn't when
saving? Any idea how we could escape content without breaking javascript
/ images / etc.?
--
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at http://groups.google.com/group/habari-dev
