#7131 closed defect (bug) (invalid)
Dashboard: unescaped & which should be written as &
Reported by: | hakre | Owned by: | Nicholas91 |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 2.5.1 |
Component: | Validation | Keywords: | |
Focuses: | Cc: |
Description
Titels of aggregated RSS Feeds are not properly output to the Browser. If they containt the "&" Char for example, it is not written as "&".
Tidy Reports: "unescaped & which should be written as &"
I was not able to reproduce with 2.6 bleeding2, when using the same feed, the <span class="post"> elements to not contain the text. only the <cite> tags are left.
Looks like a bad made fix.
More Infos:
Cause:
The ampersand ("&") is a special character in HTML. It marks the beginning of a entity, like " " for a non-breaking space.
In XHTML, a entity must also end with a semicolon (";"). For example " "
Because this is so, any time a literal ampersand appears in a document, it needs to be written as a character entity, "&". Ampersands commonly appear in the query string of a URL, and need to be expressed as an entity there.
Example - Normal Ampersand:
Good Smith & son
Good Smith & son
Example - Ampersand in a Query String:
Good <a href="http://www.domain.com/cgi?x=1&y=2">query string</a>
Good <a href="http://www.domain.com/cgi?x=1&y=2">query string</a>
Solution:
Please replace "&" with "&".
References:
- W3C entities: http://www.w3.org/TR/html4/sgml/entities.html
- WDG : http://www.htmlhelp.com/reference/html40/entities/
- Very interesting : http://ppewww.ph.gla.ac.uk/~flavell/www/formgetbyurl.html
Attachments (2)
Change History (17)
#3
@
15 years ago
- Cc dragos.nicholas@… added
- Keywords has-patch needs-testing added
- Owner changed from anonymous to Nicholas91
#4
@
15 years ago
- Cc dragos.nicholas@… removed
I've also edited rewrite.php in wp-includes. & is now & .
#6
follow-up:
↓ 7
@
15 years ago
I'm not sure those in rewrite should be & they're only used internally, not in external documents..
#7
in reply to:
↑ 6
@
15 years ago
Replying to DD32:
I'm not sure those in rewrite should be & they're only used internally, not in external documents..
It doesn't matter if it's used internally or externally. & is correct, because &feed, &cpage, &withcomments are not entities, so we use & instead.
#8
@
15 years ago
It doesn't matter if it's used internally or externally. & is correct, because &feed, &cpage, &withcomments are not entities, so we use & instead.
It does, Because URL's do not have entities within them(Only URL encoded entities within fields). Entities are what we use to escape the URL when used within a HTML/XHTML document source.
#9
@
15 years ago
Ok, you know better than me. Anyway, the dashboard.php file has external links (to google blog search for ex) so it should be commited.
#10
@
15 years ago
An URI is not XHTML: There is no need for permalinks having & inside. That is a question of definition and since permalinks parse what the webserver passes to the script, they should be decoded (&) and not encoded (&). because at that point, they are in there plain with style. rewrite.diff is invalid.
the other patch - dashboard.diff - is quite this and that. for example URIs passed to clean_url() do not need the & encoding according to a dev (sorry, just wrote a comment there but can not dig it up so no link). I will take a look in dashboard.php and check if there are places to fix.
#12
@
15 years ago
- Keywords has-patch needs-testing removed
- Milestone changed from 2.9 to 2.8
- Resolution set to invalid
- Status changed from new to closed
I had several problems in validating the dashboard. I do not see & problems right now. (okay there is one: line 457 column 77 - Fehler: there is no attribute "autocomplete"). But that is not the case here. So therefore, I change that to invalid because it is not a Bug any longer.
I've edited dashboard.php (replaced the "&" in URLs with &). My uploaded dashboard.php has the ellipses character, but you should commit this ticket first: #8714.