Re: [xwiki-users] What is $xwiki.getXMLEncoded()'s purpose in url names?
On Fri, Mar 5, 2010 at 04:58, Sergiu Dumitriu ser...@xwiki.com wrote:
On 03/02/2010 08:20 PM, Thomas Mortagne wrote:
On Tue, Mar 2, 2010 at 18:25, Sergiu Dumitriuser...@xwiki.com wrote:
On 03/02/2010 05:01 PM, Joel Forsberg wrote:
Greetings
On my wiki using swedish characters for xwiki page titles give ugly but
working entries in all panels, e.g. Backlinks Recent modifications and
My
recent modifications
An example is having:
Startsidor f#246;r v#229;ra intresseomr#229;den
...instead of the correct:
Startsidor för våra intresseområden
Another example is putting thiss wiki code on top of a page:
= header thatlook ugly here =
The script responsible for for the texts in the panels is as follow:
span class=panelitem
a href=$rdoc.getURL('view')
$xwiki.getXMLEncoded($rdoc.displayTitle)
/a/span
I've noticed that changing the third line into only $rdoc.displayTitle will
produce a nice looking entry, and $rdoc is set via
#set($rdoc = $xwiki.getDocument($docname).getTranslatedDocument())
Now, can anyone see a purpose of using getXMLEncoded() for this? As far as
I
have seen, it only breaks things.
This is not caused by getXMLEncoded, it merely makes the problem
visible. This method must be used in order to prevent other problems:
Invalid XML, broken layout, XSS...
The problem is that the code inside getDisplayTitle wrongly uses a XML
escaping option.
No, this is valid because the job of $rdoc.displayTitle is to produce
xhtml content and theses are valid XML escapes.
Where does it say that it should produce xhtml content?
public String getDisplayTitle(XWikiContext context)
{
return getRenderedTitle(Syntax.XHTML_1_0, context);
}
Assuming that it should produce xhtml, the behavior is inconsistent. If
the title is placed in the document.title field, then it returns
characters; if it is placed in the first heading, it returns escapes. If
we use wiki syntax in the document.title, we get back wiki syntax; if we
use wiki syntax in the first heading, we get back HTML. That is totally
inconsistent and confusing.
This is an API design problem that should be discussed further on the
dev list.
Going back to this specific problem, I think that it should be solved by
using the plaintext output syntax, since inside a panel we're not
interested in formatting or other markup inside the title, just the
textual content.
So you don't need to
use getXMLEncoded because any xml content is already properly escaped
(in xwiki/2.0 syntax).
I need to use getXMLEncoded because the title doesn't always come from
the content.
When you want a plain text version of the title you should use
$rdoc.getRenderedTitle(plain/1.0).
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Thomas Mortagne
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] What is $xwiki.getXMLEncoded()'s purpose in url names?
On 03/05/2010 10:06 AM, Thomas Mortagne wrote:
On Fri, Mar 5, 2010 at 04:58, Sergiu Dumitriuser...@xwiki.com wrote:
On 03/02/2010 08:20 PM, Thomas Mortagne wrote:
On Tue, Mar 2, 2010 at 18:25, Sergiu Dumitriuser...@xwiki.comwrote:
On 03/02/2010 05:01 PM, Joel Forsberg wrote:
Greetings
On my wiki using swedish characters for xwiki page titles give ugly but
working entries in all panels, e.g. Backlinks Recent modifications
and My
recent modifications
An example is having:
Startsidor f#246;r v#229;ra intresseomr#229;den
...instead of the correct:
Startsidor för våra intresseområden
Another example is putting thiss wiki code on top of a page:
= header thatlook ugly here =
The script responsible for for the texts in the panels is as follow:
span class=panelitem
a href=$rdoc.getURL('view')
$xwiki.getXMLEncoded($rdoc.displayTitle)
/a/span
I've noticed that changing the third line into only $rdoc.displayTitle
will
produce a nice looking entry, and $rdoc is set via
#set($rdoc = $xwiki.getDocument($docname).getTranslatedDocument())
Now, can anyone see a purpose of using getXMLEncoded() for this? As far
as I
have seen, it only breaks things.
This is not caused by getXMLEncoded, it merely makes the problem
visible. This method must be used in order to prevent other problems:
Invalid XML, broken layout, XSS...
The problem is that the code inside getDisplayTitle wrongly uses a XML
escaping option.
No, this is valid because the job of $rdoc.displayTitle is to produce
xhtml content and theses are valid XML escapes.
Where does it say that it should produce xhtml content?
public String getDisplayTitle(XWikiContext context)
{
return getRenderedTitle(Syntax.XHTML_1_0, context);
}
I know that this is what it does, but why? The semantics of this method
changed over time. The method used (with 1.0 syntax) to return whatever
was in the title, interpreted but not rendered. So, if it did contain
html markup in it, then that was it. But the wiki markup wasn't rendered
into HTML. And it still behaves this way for the value placed in the
title field.
So, I don't agree with the behavior change and the inconsistency it creates.
Assuming that it should produce xhtml, the behavior is inconsistent. If
the title is placed in the document.title field, then it returns
characters; if it is placed in the first heading, it returns escapes. If
we use wiki syntax in the document.title, we get back wiki syntax; if we
use wiki syntax in the first heading, we get back HTML. That is totally
inconsistent and confusing.
This is an API design problem that should be discussed further on the
dev list.
Going back to this specific problem, I think that it should be solved by
using the plaintext output syntax, since inside a panel we're not
interested in formatting or other markup inside the title, just the
textual content.
So you don't need to
use getXMLEncoded because any xml content is already properly escaped
(in xwiki/2.0 syntax).
I need to use getXMLEncoded because the title doesn't always come from
the content.
When you want a plain text version of the title you should use
$rdoc.getRenderedTitle(plain/1.0).
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] What is $xwiki.getXMLEncoded()'s purpose in url names?
On Fri, Mar 5, 2010 at 10:40, Sergiu Dumitriu ser...@xwiki.com wrote:
On 03/05/2010 10:06 AM, Thomas Mortagne wrote:
On Fri, Mar 5, 2010 at 04:58, Sergiu Dumitriuser...@xwiki.com wrote:
On 03/02/2010 08:20 PM, Thomas Mortagne wrote:
On Tue, Mar 2, 2010 at 18:25, Sergiu Dumitriuser...@xwiki.com wrote:
On 03/02/2010 05:01 PM, Joel Forsberg wrote:
Greetings
On my wiki using swedish characters for xwiki page titles give ugly but
working entries in all panels, e.g. Backlinks Recent modifications
and My
recent modifications
An example is having:
Startsidor f#246;r v#229;ra intresseomr#229;den
...instead of the correct:
Startsidor för våra intresseområden
Another example is putting thiss wiki code on top of a page:
= header thatlook ugly here =
The script responsible for for the texts in the panels is as follow:
span class=panelitem
a href=$rdoc.getURL('view')
$xwiki.getXMLEncoded($rdoc.displayTitle)
/a/span
I've noticed that changing the third line into only $rdoc.displayTitle
will
produce a nice looking entry, and $rdoc is set via
#set($rdoc = $xwiki.getDocument($docname).getTranslatedDocument())
Now, can anyone see a purpose of using getXMLEncoded() for this? As far
as I
have seen, it only breaks things.
This is not caused by getXMLEncoded, it merely makes the problem
visible. This method must be used in order to prevent other problems:
Invalid XML, broken layout, XSS...
The problem is that the code inside getDisplayTitle wrongly uses a XML
escaping option.
No, this is valid because the job of $rdoc.displayTitle is to produce
xhtml content and theses are valid XML escapes.
Where does it say that it should produce xhtml content?
public String getDisplayTitle(XWikiContext context)
{
return getRenderedTitle(Syntax.XHTML_1_0, context);
}
I know that this is what it does, but why? The semantics of this method
changed over time. The method used (with 1.0 syntax) to return whatever
was in the title, interpreted but not rendered. So, if it did contain
html markup in it, then that was it. But the wiki markup wasn't rendered
into HTML. And it still behaves this way for the value placed in the
title field.
You forget part of what i said: (in xwiki/2.0 syntax). There is not
such thing as interpreted but not rendered with xwiki/2.0 syntax.
So, I don't agree with the behavior change and the inconsistency it creates.
Assuming that it should produce xhtml, the behavior is inconsistent. If
the title is placed in the document.title field, then it returns
characters; if it is placed in the first heading, it returns escapes. If
we use wiki syntax in the document.title, we get back wiki syntax; if we
use wiki syntax in the first heading, we get back HTML. That is totally
inconsistent and confusing.
This is an API design problem that should be discussed further on the
dev list.
Going back to this specific problem, I think that it should be solved by
using the plaintext output syntax, since inside a panel we're not
interested in formatting or other markup inside the title, just the
textual content.
So you don't need to
use getXMLEncoded because any xml content is already properly escaped
(in xwiki/2.0 syntax).
I need to use getXMLEncoded because the title doesn't always come from
the content.
When you want a plain text version of the title you should use
$rdoc.getRenderedTitle(plain/1.0).
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Thomas Mortagne
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] What is $xwiki.getXMLEncoded()'s purpose in url names?
On Friday 05 March 2010 04:58:57 Sergiu Dumitriu wrote:
I need to use getXMLEncoded because the title doesn't always come from
the content.
I saw the suggestion to modify the getXMLEncoded route on the JIRA ticket, so
I decided to do some testing with that. I only know two ways to set the title
for a document (are there more?) either from the content or the title, and
here's the results from those. (I have edited the out some hrefs=)
Case 1: Having a document where title field is blank, but having a section as
Document 1: = A damn hr / ruler =
Document 2: = Att-göra-lista =
Results:
$rdoc.displayTitle
1 aA damn lt;hr /gt; ruler/a
2 aAtt g#246;ra-lista/a
$xwiki.getXMLEncoded($rdoc.getRenderedTitle('plain/1.0')
1 aA damn #60;hr /#62; ruler/a
2 aAtt göra-lista/a
Visually: all the results appears okay and the same in Firefox. (I wonder if
IE versions can handle the XML output?) The xml route outputs UTF-8
characters, whereas displayTitle escapes them correctly even if the browser
selects wrong character encoding. However, the rest of the wiki use utf-8
consistently so that later case is not likely an issue.
Case 2: Putting the same in proper title field.
Results:
$rdoc.displayTitle
1 a= A damn /ahr/a ruler =/a
2 a= Att göra-lista =/a
$xwiki.getXMLEncoded($rdoc.getRenderedTitle('plain/1.0')
1 a= A damn/apa/a/phr/a/aparuler =/a/p
2 a= Att göra-lista =/a
Visually: As you see, the characters are not escaped at all when using the
title, no matter what method is being used. Guessing would make me say the
title field is buggy. The xml route even puts in a few extra p tags for some
reason.
I think the proper title field needs to be fixed in some way to escape special
characters before this can be fixed. It might also be good to have an example
where getXMLEncoded() does any good for panel links at the moment, for testing
purposes?
-Regards, Joel
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] What is $xwiki.getXMLEncoded()'s purpose in url names?
On 03/05/2010 02:10 PM, Joel Forsberg wrote:
On Friday 05 March 2010 04:58:57 Sergiu Dumitriu wrote:
I need to use getXMLEncoded because the title doesn't always come from
the content.
I saw the suggestion to modify the getXMLEncoded route on the JIRA ticket, so
I decided to do some testing with that. I only know two ways to set the title
for a document (are there more?) either from the content or the title, and
No, these are the only ones. Actually, as a fallback, if there is not
title in any of these places, then the document name is used.
here's the results from those. (I have edited the out some hrefs=)
Case 1: Having a document where title field is blank, but having a section as
Document 1: = A damnhr / ruler =
Document 2: = Att-göra-lista =
Results:
$rdoc.displayTitle
1aA damnlt;hr /gt; ruler/a
2aAtt g#246;ra-lista/a
$xwiki.getXMLEncoded($rdoc.getRenderedTitle('plain/1.0')
1aA damn#60;hr /#62; ruler/a
2aAtt göra-lista/a
Visually: all the results appears okay and the same in Firefox. (I wonder if
IE versions can handle the XML output?) The xml route outputs UTF-8
characters, whereas displayTitle escapes them correctly even if the browser
selects wrong character encoding. However, the rest of the wiki use utf-8
consistently so that later case is not likely an issue.
Case 2: Putting the same in proper title field.
Results:
$rdoc.displayTitle
1a= A damn/ahr/a ruler =/a
2a= Att göra-lista =/a
$xwiki.getXMLEncoded($rdoc.getRenderedTitle('plain/1.0')
1a= A damn/apa/a/phr/a/aparuler =/a/p
This is caused not by the display code, but by the fact that the result
is used inside a panel written with the 1.0 syntax, which doesn't know
that the result is already processed. You can check that by actually
using this in the panel:
{pre}span class=panelitema
href=$rdoc.getURL('view')$xwiki.getXMLEncoded($rdoc.getRenderedTitle('plain/1.0'))/a/span{/pre}
{pre}{/pre} prevents re-rendering the content.
The result with this is:
A damn
ruler
Which again is a bit wrong, but this is a bug in the core, it always
assumes that the content that it got from the title field is
velocity+HTML, even if the page is in xwiki/2.0 syntax.
2a= Att göra-lista =/a
Visually: As you see, the characters are not escaped at all when using the
title, no matter what method is being used. Guessing would make me say the
title field is buggy. The xml route even puts in a few extrap tags for some
reason.
I think the proper title field needs to be fixed in some way to escape special
characters before this can be fixed. It might also be good to have an example
where getXMLEncoded() does any good for panel links at the moment, for testing
purposes?
Try to put one of these in the title field:
When to use /div
= badly broken display
CrossSiteScripting example: scriptalert('I pwnd U')/script
= bad, bad, bad
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] What is $xwiki.getXMLEncoded()'s purpose in url names?
On 03/02/2010 08:20 PM, Thomas Mortagne wrote:
On Tue, Mar 2, 2010 at 18:25, Sergiu Dumitriuser...@xwiki.com wrote:
On 03/02/2010 05:01 PM, Joel Forsberg wrote:
Greetings
On my wiki using swedish characters for xwiki page titles give ugly but
working entries in all panels, e.g. Backlinks Recent modifications and
My
recent modifications
An example is having:
Startsidor f#246;r v#229;ra intresseomr#229;den
...instead of the correct:
Startsidor för våra intresseområden
Another example is putting thiss wiki code on top of a page:
= header thatlook uglyhere =
The script responsible for for the texts in the panels is as follow:
span class=panelitem
a href=$rdoc.getURL('view')
$xwiki.getXMLEncoded($rdoc.displayTitle)
/a/span
I've noticed that changing the third line into only $rdoc.displayTitle will
produce a nice looking entry, and $rdoc is set via
#set($rdoc = $xwiki.getDocument($docname).getTranslatedDocument())
Now, can anyone see a purpose of using getXMLEncoded() for this? As far as I
have seen, it only breaks things.
This is not caused by getXMLEncoded, it merely makes the problem
visible. This method must be used in order to prevent other problems:
Invalid XML, broken layout, XSS...
The problem is that the code inside getDisplayTitle wrongly uses a XML
escaping option.
No, this is valid because the job of $rdoc.displayTitle is to produce
xhtml content and theses are valid XML escapes.
Where does it say that it should produce xhtml content?
Assuming that it should produce xhtml, the behavior is inconsistent. If
the title is placed in the document.title field, then it returns
characters; if it is placed in the first heading, it returns escapes. If
we use wiki syntax in the document.title, we get back wiki syntax; if we
use wiki syntax in the first heading, we get back HTML. That is totally
inconsistent and confusing.
This is an API design problem that should be discussed further on the
dev list.
Going back to this specific problem, I think that it should be solved by
using the plaintext output syntax, since inside a panel we're not
interested in formatting or other markup inside the title, just the
textual content.
So you don't need to
use getXMLEncoded because any xml content is already properly escaped
(in xwiki/2.0 syntax).
I need to use getXMLEncoded because the title doesn't always come from
the content.
When you want a plain text version of the title you should use
$rdoc.getRenderedTitle(plain/1.0).
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] What is $xwiki.getXMLEncoded()'s purpose in url names?
Thanks Thomas
I made a JIRA entry against the Panels Application, and a trivial patch to fix
it. It's my first, so It'll be exciting to see what happens. :)
http://jira.xwiki.org/jira/secure/ManageAttachments.jspa?id=29978
-Joel Forsberg
On Tuesday 02 March 2010 20:20:01 Thomas Mortagne wrote:
On Tue, Mar 2, 2010 at 18:25, Sergiu Dumitriu ser...@xwiki.com wrote:
On 03/02/2010 05:01 PM, Joel Forsberg wrote:
Greetings
On my wiki using swedish characters for xwiki page titles give ugly but
working entries in all panels, e.g. Backlinks Recent modifications
and My recent modifications
An example is having:
Startsidor f#246;r v#229;ra intresseomr#229;den
...instead of the correct:
Startsidor för våra intresseområden
Another example is putting thiss wiki code on top of a page:
= header thatlook ugly here =
The script responsible for for the texts in the panels is as follow:
span class=panelitem
a href=$rdoc.getURL('view')
$xwiki.getXMLEncoded($rdoc.displayTitle)
/a/span
I've noticed that changing the third line into only $rdoc.displayTitle
will produce a nice looking entry, and $rdoc is set via
#set($rdoc = $xwiki.getDocument($docname).getTranslatedDocument())
Now, can anyone see a purpose of using getXMLEncoded() for this? As far
as I have seen, it only breaks things.
This is not caused by getXMLEncoded, it merely makes the problem
visible. This method must be used in order to prevent other problems:
Invalid XML, broken layout, XSS...
The problem is that the code inside getDisplayTitle wrongly uses a XML
escaping option.
No, this is valid because the job of $rdoc.displayTitle is to produce
xhtml content and theses are valid XML escapes. So you don't need to
use getXMLEncoded because any xml content is already properly escaped
(in xwiki/2.0 syntax).
When you want a plain text version of the title you should use
$rdoc.getRenderedTitle(plain/1.0).
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] What is $xwiki.getXMLEncoded()'s purpose in url names?
On 03/02/2010 05:01 PM, Joel Forsberg wrote:
Greetings
On my wiki using swedish characters for xwiki page titles give ugly but
working entries in all panels, e.g. Backlinks Recent modifications and My
recent modifications
An example is having:
Startsidor f#246;r v#229;ra intresseomr#229;den
...instead of the correct:
Startsidor för våra intresseområden
Another example is putting thiss wiki code on top of a page:
= header thatlook ugly here =
The script responsible for for the texts in the panels is as follow:
span class=panelitem
a href=$rdoc.getURL('view')
$xwiki.getXMLEncoded($rdoc.displayTitle)
/a/span
I've noticed that changing the third line into only $rdoc.displayTitle will
produce a nice looking entry, and $rdoc is set via
#set($rdoc = $xwiki.getDocument($docname).getTranslatedDocument())
Now, can anyone see a purpose of using getXMLEncoded() for this? As far as I
have seen, it only breaks things.
This is not caused by getXMLEncoded, it merely makes the problem
visible. This method must be used in order to prevent other problems:
Invalid XML, broken layout, XSS...
The problem is that the code inside getDisplayTitle wrongly uses a XML
escaping option.
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
Re: [xwiki-users] What is $xwiki.getXMLEncoded()'s purpose in url names?
On Tue, Mar 2, 2010 at 18:25, Sergiu Dumitriu ser...@xwiki.com wrote:
On 03/02/2010 05:01 PM, Joel Forsberg wrote:
Greetings
On my wiki using swedish characters for xwiki page titles give ugly but
working entries in all panels, e.g. Backlinks Recent modifications and
My
recent modifications
An example is having:
Startsidor f#246;r v#229;ra intresseomr#229;den
...instead of the correct:
Startsidor för våra intresseområden
Another example is putting thiss wiki code on top of a page:
= header thatlook ugly here =
The script responsible for for the texts in the panels is as follow:
span class=panelitem
a href=$rdoc.getURL('view')
$xwiki.getXMLEncoded($rdoc.displayTitle)
/a/span
I've noticed that changing the third line into only $rdoc.displayTitle will
produce a nice looking entry, and $rdoc is set via
#set($rdoc = $xwiki.getDocument($docname).getTranslatedDocument())
Now, can anyone see a purpose of using getXMLEncoded() for this? As far as I
have seen, it only breaks things.
This is not caused by getXMLEncoded, it merely makes the problem
visible. This method must be used in order to prevent other problems:
Invalid XML, broken layout, XSS...
The problem is that the code inside getDisplayTitle wrongly uses a XML
escaping option.
No, this is valid because the job of $rdoc.displayTitle is to produce
xhtml content and theses are valid XML escapes. So you don't need to
use getXMLEncoded because any xml content is already properly escaped
(in xwiki/2.0 syntax).
When you want a plain text version of the title you should use
$rdoc.getRenderedTitle(plain/1.0).
--
Sergiu Dumitriu
http://purl.org/net/sergiu/
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Thomas Mortagne
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
