https://bugzilla.wikimedia.org/show_bug.cgi?id=68372

--- Comment #18 from Bawolff (Brian Wolff) <[email protected]> ---

> 
> 1. Just put the file name as-is (with spaces replaced by underscores) in
>    the URL fragment part.
>    Pro: readable file names in URLs, easy to generate.
>    Con: technically not a valid URI. [2] (It would be a valid IRI,
>         probably, but browser support for that is not so great, so non-ASCII
>         bytes might get encoded in unexpected ways.)

Yeah, that sounds like the making of some not so fun bugs.

> Creates nasty usability
>         and security issues (injection vulnerabilities, RTL characters,
>         characters which break autolinking).

What sort of injection vulnerabilities do you mean? (< and > are disallowed in
titles. Things should be escaped before injecting into HTML anyways.) I doubt
RTL characters would cause major problems. The annoying characters (bidi
override, RTL mark, etc.) are banned from file names anyways.

> Would make it very hard to
>         introduce more complex URL formats later, as file names can contain 
>         pretty much any character.
> 

True.
