kilbith
commented
5 years ago mt.formspec_escape could be localized to fs_esc to reduce the lines length.
Closed Wuzzy2 closed 5 years ago
kilbith
commented
5 years ago mt.formspec_escape could be localized to fs_esc to reduce the lines length.
kilbith
commented
5 years ago
This mod messed around with the formspec, adding variable strings into it without escaping them. This PR fixes this. As a general advice: Never trust strings that can change, so you have to be paranoid about them by sending them through
minetest.formspec_escape.It also applies format strings properly to strings that have to be translated. Please note: String concatenation is toxic for translators, because in other languages, the word order might be different. Always use format strings when you have to use parameters in translatable strings.
Thank you for your attention.