[TYPO3-core] RFC: pi_openAtagHrefInJSwindow() applies htmlspecialchars() twice
Michael Stucki
michael at typo3.org
Thu Nov 9 11:02:50 CET 2006
Hi Ernesto & Martin,
> So clearly the second one is not XHTML-conform.
I see. You expect that someone has worked around the bug. Maybe.
> So I would propose to change it only in TRUNK and have that notice added
> in the release notes so that plugin writers can check if their extension
> is affected and change it accordingly. Or do the "TYPO3-way", which
> would be to add a $hsc parameter to the function, where the caller can
> decide if he wants to pass the URL again through hsc or not (defaulting
> to "true" for backwards compatibility reasons).
I think it's ok to fix the bug in Trunk and mention it in the release notes
accordingly. No need for $hsc etc.
> And while changing that, we could also change the "#" to the called URL,
> which would add a bit more accessibility to this call (so browsers
> without active JavaScript would still be able to follow the link).
Will do that. New patch follows after 4.0.3...
- michael
--
Use a newsreader! Check out
http://typo3.org/community/mailing-lists/use-a-news-reader/
More information about the TYPO3-team-core
mailing list