--- Comment #2 from Chris Steipp <> ---
(In reply to Prateek Saxena from comment #1)
> Instances of `.html()` - 
> 1. In the `createBox` method I do something like:
>     $el.html( $el.html() );
> Its to refresh the DOM and display the SVG elements (see comments in the
> method)  that were added in the `createThumbnail` method. The elements
> created there follow [1] and thus are escaped.

I'm mostly concerned about the $contentbox portion, since that is generated
from user content.

> 2. To create the SVG element that masks the popup to create the triangle I
> do:
>     $svg.html( '<svg width="0" height="0">...</svg>' );
> Making this through jQuery methods was becoming to verbose. This a plain
> string with no concatenation from anywhere so I guess its safe.

Yes, this part is fine.

> 3. There is an i18n string if the page redirects, it needs to read like
> "redirects to OtherPage". As in certain languages it could be "OtherPageā€¦"
> and not "ā€¦OtherPage", Mark suggested that I add a $1 to it [2]. As I need
> those elements to be styled a certain way, the i18n strings will end up
> having an <h3> and thus my code looks something like this
>     $( '<div>' ).html( mw.message( 'popups-redirects', redirects[ 0 ].to
> ).text() );
> I am not sure if this is safe.
> [1]
> JavaScript#Creating_elements
> [2]

Is there a working version of this in labs somewhere that I can test with? Or
can you list out what dependencies this has? I'm not able to get it working

You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
Wikibugs-l mailing list

Reply via email to