Hi,
On 05/16/2016 07:51 AM, Chris Steipp wrote:
> Is there any way we can default to having the body of the link not be
> passed as html? It's called $html, well documented that it's raw html, and
> I've lost track of the number of times people pass unsanitized text to it.
> I'd rather it not be
+1
I don't think I ever used that function with actual html, but more than
once I had to fiddle with escaping. I'm fairly sure it's hardly ever
used with with html.
Cheers,
Marius
On 16.05.2016 16:51, Chris Steipp wrote:
Is there any way we can default to having the body of the link not
Is there any way we can default to having the body of the link not be
passed as html? It's called $html, well documented that it's raw html, and
I've lost track of the number of times people pass unsanitized text to it.
I'd rather it not be something developers have to worry about, unless they
Hi,
For the past few weeks I've been working[1] on rewriting Linker::link()
to be non-static, use LinkTarget/TitleValue and some of the other fancy
new services stuff. Yay!
For the most part, you'd use it in similar ways:
Linker::link( $title, $html, $attribs, $query );
is now:
$linkRenderer =