jthomerson / redmine_trac_formatter_plugin

Plugin for Redmine that allows you to use Trac wiki formatting
Apache License 2.0

Escape entities #4

Open jthomerson opened 12 years ago

jthomerson commented 12 years ago

Entities in markup should be escaped. For instance < should become &lt;.

Example in Trac:

What does <a href="http://google.com">google link</a> end up looking like?

What if it's in {{{<a href="http://google.com">google link</a>}}}

Becomes

<p>
What does &lt;a href="<a class="ext-link" href="http://google.com"><span class="icon">&nbsp;</span>http://google.com</a>"&gt;google link&lt;/a&gt; end up looking like?
</p>
<p>
What if it's in <tt>&lt;a href="http://google.com"&gt;google link&lt;/a&gt;</tt>
</p>

They auto-link the URL inside the escaped link markup from the first line.
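The escaping behaviour requested in the comment above, as an added Ruby example that is not part of the original issue or the plugin's code. The module and method names are hypothetical. It assumes one paragraph of input, escapes quotes as well as `<`, `>` and `&`, and omits Trac's icon `<span>`.

```ruby
require 'erb'

# Hypothetical helper, not taken from redmine_trac_formatter_plugin.
module TracEscapeExample
  # One capture group, so String#split returns text and tokens alternately:
  # even indexes are plain text, odd indexes are {{{...}}} spans or bare URLs.
  TOKEN = %r{(\{\{\{.*?\}\}\}|https?://[^\s<>"']+)}m

  module_function

  def h(text)
    ERB::Util.html_escape(text)
  end

  # Render one paragraph of Trac-style text. Every piece of user text is
  # escaped exactly once; the only tags in the output are the ones we emit.
  def render(source)
    html = source.split(TOKEN).each_with_index.map do |piece, i|
      if i.even?
        h(piece)                          # plain text: escape entities
      elsif piece.start_with?('{{{')
        "<tt>#{h(piece[3...-3])}</tt>"    # inline code: escape, no auto-link
      else
        url = h(piece)                    # bare URL: escape for attribute and body
        %(<a class="ext-link" href="#{url}">#{url}</a>)
      end
    end
    "<p>#{html.join}</p>"
  end
end

# The two sample lines from the issue.
SAMPLE_PLAIN = 'What does <a href="http://google.com">google link</a> end up looking like?'
SAMPLE_CODE  = %q(What if it's in {{{<a href="http://google.com">google link</a>}}})

if __FILE__ == $PROGRAM_NAME
  puts TracEscapeExample.render(SAMPLE_PLAIN)
  puts TracEscapeExample.render(SAMPLE_CODE)
end
```

Tokenising the raw text before escaping keeps the URL match from absorbing entity text such as `&quot;`, and each URL is escaped before it is placed in the `href` attribute.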

jthomerson commented 12 years ago

When this is fixed it would be nice to still have a way to add embedded HTML within the markup. We'll need to see what Trac does for this (does it allow it?) and match that, or come up with our own way of allowing it. It might be a feature that should be controlled from the admin configuration for the plugin since on some wikis you will definitely not want users to be able to embed markup.