David Baird wrote:
On 9/12/05, Dave Howorth <[EMAIL PROTECTED]> wrote:
The link is generated using this code from the macros template:
MACRO link(table, command, additional, label) BLOCK;
SET lnk = base _ "/" _ table _ "/" _ command _ "/" _ additional;
lnk = lnk | uri | html;
'<a href="' _ lnk _ '">';
label;
"</a>";
END;
Clearly the uri filter can't encode an =, because then it would also
encode the equal that separates the field name from the value.
If this is true, then I'd suggest that's a bug in the uri filter. It
should be able to recognise that foo=baz=fuzz is a single key/value
pair, just by keeping track of how many ='s have been seen.
Don't think it's a 'bug', maybe a lack of features. The uri filter does
pretty simple-minded character substitution, whilst full URI parsing and
encoding is a scheme-specific nightmare as far as I can see. And since
schemes are open-ended. it's not tractable in the general case.
Using both a URI and HTML filter is surely wrong. The link macro is
building a URL at that point, it should only be URI escaping. The
thing that should be HTML-escaped is the label.
No, you also need to HTML encode a link that is going to appear in an
HTML page. For example, a '<' character that appears in the href needs
encoding (and one appears in my search query text, right next to the =,
as it happens :)
You should be able to set up some easy to follow test cases by passing
strings directly to the escape functions, rather than tracking it down
through Maypole/TT templates.
I have a test template that shows what's happening, if that's what you
mean. Remember the 'escape functions' are TT built-ins. But I don't
think that's the issue. It's pretty clear to me that its broken. The
only question in my mind is what is the best fix?
Cheers, Dave
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.344 / Virus Database: 267.10.21/96 - Release Date: 10/09/05
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Maypole-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/maypole-users
