[
https://issues.apache.org/jira/browse/YETUS-457?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15468979#comment-15468979
]
Andrew Wang commented on YETUS-457:
-----------------------------------
You can look at the live output here, I might just go in manually and fix this
up though:
http://hadoop.apache.org/docs/r3.0.0-alpha1/hadoop-project-dist/hadoop-common/release/3.0.0-alpha1/CHANGES.3.0.0-alpha1.html
The issues I'm seeing are also with the JIRA summaries, not the release note
field, though there could be some of those too. There are quotes, angle
brackets, hashes, and dollar signs, which all are possible hazards.
If you could boil down any code review comments I'd also appreciate that. The
apt escaping seems like something to fix; if there's a list of doxia-flavored
markdown entities that need to be escaped, I'd like to link that as
documentation.
bq. When markdown_sanitize is called, it's used when the format is already in
markdown format. The sanitization here is primarily for python, since it blows
up if the input isn't in UTF-8 for certain routines.
I understand the purpose of this method, but I still think it should be called
something else since other languages have similar named functions (e.g. Ruby's
html_escape, PHP's htmlspecialchars, etc.) that are meant to output safe text
for that format.
The fact it has no callers right now is why I recommended just inlining to
avoid a naming discussion.
> RDM does not properly escape entities
> -------------------------------------
>
> Key: YETUS-457
> URL: https://issues.apache.org/jira/browse/YETUS-457
> Project: Yetus
> Issue Type: Bug
> Affects Versions: 0.3.0
> Reporter: Andrew Wang
> Assignee: Andrew Wang
> Priority: Critical
> Attachments: YETUS-457.001.patch
>
>
> Noticed while browsing the Hadoop 3.0.0-alpha1 changelog. Quotes and possibly
> some other entities are not escaped properly, leading to malformed markdown
> output.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
