On Fri, Feb 13, 2009 at 10:41 AM, Jason Grout <[email protected]> wrote: > > mabshoff wrote: >> >> >> On Feb 13, 10:10 am, Harald Schilly <[email protected]> wrote: >> >> Hi, >> >>> I got a bug report from the "report a problem" link in the notebook >>> about html character escaping. >>> It's inconsistent because it escapes html tags, but not &...; special >>> html characters. >>> I'm posting this to start a discussion if this is a bug or not or >>> other implicatoins... >>> >>> Example: >>> >>> In >>> >>> print "& & ¬" >>> print "<b>foo</b>" >>> html("& & ¬") >>> html("<b>foo</b>") >>> >>> Out >>> >>> & & ¬ <<< should be "& & ¬" >>> (but the browser interprets the html characters >>> and it looks different) >>> <b>foo</b> >>> & & ¬ >>> *foo* <<< in bold >> >> Hmm, there was some recent bugfix about a similar problem for TinyMCE >> IIRC, so it does sound familiar. Have you tried 3.3.rc0 to see if the >> problem is still there? >> > > Yes, this still happens on rc0. The problem fixed before was not on > TinyMCE per se, but on the escaping when dealing with the edit mode. > > I see lots of places that only < is escaped, and not &, in notebook.py, > cell.py, etc. Would it be fairly safe to, whenever we escape <, escape > & as well?
That seems like a very good idea. I can tell you why < is escaped frequently, but & isn't: I didn't know that one needs to escape & when I was writing that code in the notebook. It would be best to factor out any code that escapes < into a new function that does all escapes, then have it do both < and &. William --~--~---------~--~----~------------~-------~--~----~ To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/sage-devel URLs: http://www.sagemath.org -~----------~----~----~----~------~----~------~--~---
