#184

should the markup escaping code auto-detect entity references and avoid escaping them?

    • Created on: Thu, Nov 25 2010 (over 1 year ago)
    • Reported by: jstrachan
    • Assigned to: -
    • Milestone: -
    • Estimate: None/Small/Medium/Large None
    • Status: New
    • Priority: Normal (3)
    • Component: -
    • Permission type: Public
    if we have some text like "this & that" then by default we escape the & to "this & that" which is a bit silly. I wonder if we should by default auto-detect entity references in the markup/text and not escape them?

    see the discussion here: http://groups.google.com/group/scalate/browse_thread/thread/6231fc39c6f769b8
  • Followers
     
    Ico-users jstrachan 
     
    Attachments
    No attachments
    Associations
     
    No associations
    Activity
     
    User picture

          on Nov 25, 2010 @ 09:06am UTC * By jstrachan

    Description changed from if we have some text like "... to if we have some text like "...
    User picture

          on Apr 17, 2012 @ 04:13am UTC * By nilskp

    I think a very clear rule should be that content from variables are escaped, but statically typed content is not. And this has to do with context. If it's statically typed in the HTML form, you can be expected to type it correctly. A variable is typically sourced from something else and cannot have the same expectation.
    Time Expenditure
    Loading