View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000077 | HTML & PERL | Bug Report - Interface | public | 2005-01-19 01:33 | 2007-07-02 09:17 |
| Reporter | pelican | Assigned To | exp | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Summary | 0000077: Incorrect and missing escaping in message body field (for quoted replies) in messaging system | ||||
| Description | The hidden field 'msg.body' (used for sending replies quoting the original message) in the page showing the contents of a message replaces double quotes with & (the HTML character entity for the ampersand) instead of " and does not replace ampersands themselves with anything. Additionally, and optionally (although the HTML specification recommends this), < and > would ideally be represented by < and > | ||||
| Tags | No tags attached. | ||||
| has duplicate | 0000098 | closed | Ampersand (&) in CReqs |
|
|
Oh, the < and > thing refers to the tags inserted by the system for multi-line messages, as they are already handled correctly when inputted by the user. |
|
|
fixed the " issue, I don't think the others are a real problem. |
|
|
The others affect at least one user (well... me) so they are a real problem, although not a serious one. |
|
|
in what way do they affect you? |
|
|
As the specification notes that some clients do, mine interprets the > as the end of the tag, and displays the following text, which was, of course, meant to be the value of an attribute. Thus, I only get a single line quoted for replies automatically, and I see the quoted (incorrectly when I reported this bug) text of the message before the headers, Admittedly, this is a browser bug, but it's one that's acknowledged in the specification, and the simple change that would make the markup safe for everyone is recommended practice. |
|
|
I see this as a reasoanbly simple issue to fix, and no downside to doing so. (well, apart from an extra few characters in the message for > rather than > |
|
|
Bump, as this is basically the same issue as that in: http://www.anidb.net/tracker/view.php?id=98 Not escaping the & and other html-dangerous characters will lead to more problems of this sort... Rar |
|
|
I will look into that when I get the time. |
|
|
changed |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2005-01-19 01:33 | pelican | New Issue | |
| 2005-01-19 01:36 | pelican | Note Added: 0000145 | |
| 2005-01-23 20:37 | exp | Status | new => resolved |
| 2005-01-23 20:37 | exp | Resolution | open => fixed |
| 2005-01-23 20:37 | exp | Assigned To | => exp |
| 2005-01-23 20:37 | exp | Note Added: 0000158 | |
| 2005-01-23 20:37 | exp | Assigned To | exp => |
| 2005-01-24 02:09 | pelican | Status | resolved => feedback |
| 2005-01-24 02:09 | pelican | Resolution | fixed => reopened |
| 2005-01-24 02:09 | pelican | Note Added: 0000162 | |
| 2005-01-24 08:38 | exp | Note Added: 0000163 | |
| 2005-01-25 04:30 | pelican | Note Added: 0000166 | |
| 2005-01-25 18:35 | Rar | Note Added: 0000171 | |
| 2005-02-28 17:02 | Rar | Note Added: 0000271 | |
| 2005-02-28 21:01 | exp | Note Added: 0000278 | |
| 2005-02-28 21:01 | exp | Assigned To | => exp |
| 2005-02-28 21:01 | exp | Status | feedback => assigned |
| 2005-02-28 21:07 | exp | Relationship added | has duplicate 0000098 |
| 2005-03-07 17:42 | exp | Status | assigned => closed |
| 2005-03-07 17:42 | exp | Note Added: 0000301 | |
| 2007-07-02 09:17 | epoximator | Status | closed => resolved |
| 2007-07-02 09:17 | epoximator | Resolution | reopened => fixed |
