Ticket title double-escapes entities

[Tim Hatch <trac@…>]

I have a ticket that contains a little ascii arrow "->" (i.e. hyphen followed by greater-than). This displays correctly in the timeline view, search, and in the page itself, (as -&gt; in the source). It displays incorrectly in the title of /ticket/nnn (as -&amp;gt; in the source). I tried to track it down, but I think it's buried somewhere deep in ticket/model.py, as ticket_view.html just references ticket.summary. Lines 95-96 in ticket/model.py look completely normal.

[Tim Hatch <trac@…>]

Oh, forgot to mention that it's unescaped in the database:

sqlite> select summary from ticket where id=nn;
Summary of ticket with -> here

[Tim Hatch <trac@…>]

Aha! After looking some more, I think it's perhaps related to lines 10-12 of templates/layout.html -- is select('title/text()') returning the escaped version, which is being re-escaped when used as text?

[cboos]

Yes, this comes from the

    <title py:with="title = unicode(select('title/text()'))">

line, the unicode() call in particular.

This was introduced by r3866, but nothing specific about the need for the unicode() call was written in the commit message. Maybe cmlenz could comment on this?

PS: Tim, you could use `...` Wiki syntax for inline code formatting, instead of the more verbose {{{...}}}.

[cmlenz]

I'll look into this.

(The unicode() there is necessary to flatten the event stream to a string, but there's probably a better way to do that.)

[cmlenz]

Should be fixed in [4165].