Edgewall Software

Ticket #4089 (closed defect: fixed)

Opened 2 years ago

Last modified 2 years ago

Ticket title double-escapes entities

Reported by: Tim Hatch <trac@…> Owned by: cmlenz
Priority: normal Milestone: 0.11
Component: general Version: devel
Severity: minor Keywords:
Cc:

Description

I have a ticket that contains a little ascii arrow "->" (i.e. hyphen followed by greater-than). This displays correctly in the timeline view, search, and in the page itself, (as -&gt; in the source). It displays incorrectly in the title of /ticket/nnn (as -&amp;gt; in the source). I tried to track it down, but I think it's buried somewhere deep in ticket/model.py, as ticket_view.html just references ticket.summary. Lines 95-96 in ticket/model.py look completely normal.

Attachments

Change History

Changed 2 years ago by Tim Hatch <trac@…>

Oh, forgot to mention that it's unescaped in the database:

sqlite> select summary from ticket where id=nn;
Summary of ticket with -> here

Changed 2 years ago by Tim Hatch <trac@…>

Aha! After looking some more, I think it's perhaps related to lines 10-12 of templates/layout.html -- is select('title/text()') returning the escaped version, which is being re-escaped when used as text?

Changed 2 years ago by cboos

  • component changed from ticket system to general
  • severity changed from normal to minor
  • milestone set to 0.11

Yes, this comes from the

    <title py:with="title = unicode(select('title/text()'))">

line, the unicode() call in particular.

This was introduced by r3866, but nothing specific about the need for the unicode() call was written in the commit message. Maybe cmlenz could comment on this?

PS: Tim, you could use `...` Wiki syntax for inline code formatting, instead of the more verbose {{{...}}}.

Changed 2 years ago by cmlenz

  • owner changed from jonas to cmlenz
  • status changed from new to assigned

I'll look into this.

(The unicode() there is necessary to flatten the event stream to a string, but there's probably a better way to do that.)

Changed 2 years ago by cmlenz

  • status changed from assigned to closed
  • resolution set to fixed

Should be fixed in [4165].

Add/Change #4089 (Ticket title double-escapes entities)

Author



Change Properties
<Author field>
Action
as closed
Next status will be 'reopened'
to The owner will change from cmlenz. Next status will be 'closed'
 
Note: See TracTickets for help on using tickets.