Re: [engine] StringEscapeUtils

2019-03-09 Thread Michael Osipov
Am 2019-03-07 um 13:08 schrieb Claude Brisson: The StringEscapeUtils class is moving from commons-lang3 to commons-text. We are using it in several reference insertion event handlers (to escape xml, javascript or html). For now the commons-lang3 version is still there, but deprecated. We sho

Re: [engine] StringEscapeUtils

2019-03-07 Thread Nathan Bubna
Hmm. I may not be the best to weigh in on this, as i never used event handlers for escaping. I always preferred the direct, explicit control of escaping via tools, and trusted myself (YMMV) not to forget escaping anywhere important. I'll definitely agree that we shouldn't shade. I'm perfectly comf

[engine] StringEscapeUtils

2019-03-07 Thread Claude Brisson
The StringEscapeUtils class is moving from commons-lang3 to commons-text. We are using it in several reference insertion event handlers (to escape xml, javascript or html). For now the commons-lang3 version is still there, but deprecated. We should address this in engine 2.1, but how? 1) ju