https://bugzilla.wikimedia.org/show_bug.cgi?id=55526
Web browser: ---
Bug ID: 55526
Summary: $parser->recursiveTagParse($input) does not escape &
consistently.
Product: MediaWiki
Version: 1.19.7
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: Unprioritized
Component: Parser
Assignee: [email protected]
Reporter: [email protected]
Classification: Unclassified
Mobile Platform: ---
Created attachment 13461
--> https://bugzilla.wikimedia.org/attachment.cgi?id=13461&action=edit
simple tag extension demonstrating the issue.
When using $parser->recursiveTagParse($input), the & character is sometimes
escaped and sometimes not:
$input = 'a & b < a | b http://example.com?a&b';
$output = $parser->recursiveTagParse($input);
Here, $output gets
'a & b < a | b <a rel="nofollow" class="external free"
href="http://example.com?a&b";>http://example.com?a&b";>http://example.com?a&b</a>'
The first & is not escaped, and the & in the URL is escaped. < and > are
escaped. The source documentation of Parser::recursiveTagParse does not mention
the expected behavior. However it should be either escaping the & characters or
not.
[As I have to parse the output of recursiveTagParse into a DOMDocument in my
extension, this behavior makes my life real hard as I cannot just escape all &
before parsing]
I attached a mini-tag extension that can be used to further analyze the
problem. Note that in a tag extension, all unescaped & in the returned string
are converted to & by MediaWiki at a later stage so that correct HTML is
returned even if someone would return the output of
$parser->recursiveTagParse($some_wikitext) directly. This "hides" the bug but
doesn't solve the underlying problem.
Thanks for developing MediaWiki by the way. It's great!
Philipp
--
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
