Ticket #1961 (closed defect: fixed)

Opened 2 years ago

Last modified 1 year ago

Header image generator misreads values, creates invalid and broken XHTML

Reported by: philor Assigned to: anonymous
Priority: normal Milestone:
Component: Template Version: 1.6
Severity: normal Keywords:
Cc: philor

Description

In templates/default/functions.php:

The kubrick_header_image option is saved with an unescaped ampersand, so it breaks XHTML.

The functions kubrick_upper_color and kubrick_lower_color have a counting problem, so after saving a new set of colors they get, e.g., ee8&lo for 69aee8 and 0b7 for 4180b7. To not abandon people who have saved a set of colors with an unencoded ampersand, they need to not just take a substr starting at the right number, but actually parse the string (at least to the extent of taking the 6 characters after the first and last occurrence of "="), since the lower_color can start at either character 34 or 38.

The kubrick_head function inserts the style hidden from incredibly ancient browsers with SGML comments, so in XHTML as XML it doesn't exist.

Change History

11/25/05 09:15:06 changed by matt

I would like for you to attempt to use an encoded ampersand in embedded CSS. I didn't have any luck.

11/26/05 20:43:08 changed by davidhouse

Ideally, it should be in a CDATA block, so unencoded ampersands would be allowed. What's browser support like here?

11/28/05 20:21:53 changed by philor

Mmm, nice. Easy to do if you know what you're serving, not if you don't. There is a commenting hack that apparently mostly works, except maybe in some older versions of Opera, but 

<style type="text/css">
<!--/*--><![CDATA[/*><!--*/
&
/*]]>*/--></style>

is a touch ugly.

And since the colorpicker uses document.writeln(), it's also tag-soup-only. Maybe just hiding the whole thing based on html_type is the sane way out.

12/07/05 03:46:16 changed by skeltoac

  • status changed from new to closed.
  • resolution set to fixed.
  • milestone set to 2.0.

Fixed in [3276]

11/30/06 19:41:47 changed by

  • milestone deleted.

Milestone 2.0 deleted