> > but there's some strange desire to not make it bulletproof > > based on a fear of ambiguous problems that might arise from > > fixing the specific problem that we know exists. > > Yes! I'm much more afraid of ambiguous problems that might be caused > by a change, than I am by the ones I know how to easily solve. This is > especially true for changes that go against the common idiom of a > language, as this would. Maybe I'd be more interested if the current > behavior was a serious problem, but it's not. How hard is it to deal > with this one case?
Very, because nobody expects it, therefore, nobody deals with it. Therefore in any given application that uses jsstringformat, the problem exists. However. The solution is tested and proven. "Going against the common idiom" isn't a relevant complaint in this case because a) the solution is proven to work b) the solution is proven not to cause other problems c) the current implementation which follows the common idiom results in the above problem, which exists in nearly 100% of applications that use jsstringformat. Meaning, there is a) there is a benefit to deviating from the "common idiom" b) there is no disadvantage to that deviation and c) there is no benefit to not deviating in this case. > > It should just be bulletproof *if* we can make it so without > > negative side effects, and it's been proven that we can. > > Just because you don't know that there are negative side effects, doesn't > mean there aren't any. The word "proof" has a stricter meaning than that. Okay... you're a smart guy, arguably one of the smartest people working with ColdFusion. Give me a scenario in which escaping the / character will cause a problem in existing code. For example, the / character is being escaped by SerializeJSON -- although I don't know tha it's being escaped everywhere, it's definitely being escaped if it's found in a closing script tag. Show me an example of where properly replacing an existing case of jsstringformat with SerializeJSON on a string value would break something that's currently working. (That is, assuming that both instances are appropriate, analogous uses of the respective functions, i.e. quotes or not surrounding the function if necessary, htmleditformat() around them if they're in a tag attribute or not if they're in a CDATA segment, etc.) Hell, I'll make a public apology. I'd offer you a cash prize, but I can't afford one that would be large enough to create an incentive for you. We have as close as human beings can come to "proof" (which admittedly may not be all that close) in this case. > In any case, since neither you nor I have access to the CF source code, I > suggest you file a bug report/wishlist request/whatever and move on. Maybe > you'll get what you want in CF9. Given that your attitude reflects the prevailing belief about it, I'd be really surprised if the CF team would disagree with you. -- s. isaac dealey ^ new epoch isn't it time for a change? ph: 503.236.3691 http://onTap.riaforge.org/blog ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:295734 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4