asked 2010-05-01 13:21:22 -0500Pekka
It seems that HTML tags in titles are swallowed instead of escaped to HTML entities.
Clarification: I do not mean allowing HTML in TITLE tags, but converting
>into their respective HTML entities
gt;. At the moment, if you type in
Hello <World>, the
<World>part will be completely swallowed and the result will be
Hello. The end result, in my opinion, should be
Hello <World>I do not think any real HTML should be allowed in titles.
Hmm, tags in in titles - not supported yet. Should we? - I'm not sure.
I know Mathoverflow people like to insert equations into titles - but they do it using a non-html trick, as far as I know.
If we do - it would have to be a limited set of tags - you wouldn' want to have
<div> <iframe> <table> and stuff like that.
What tags to you want to allow in title?
edit oh, I see what you mean - would it make sense to have input validation just reject titles with html tags rather than silently drop them? We sure can convert tags to entities - but the text would look weird an somebody might think that the site is broken after looking at
edit 2 ok convinced me - it's a bug dammit :)!
edit 3 fixed in the repository - will deploy tomorrow
Create your Q&A site at askbot.com. Managed Askbot hosting at just $15/mo. Dedicated hosting, support contracts, consulting services.create your Q&A site
Asked: 2010-05-01 13:21:22 -0500
Seen: 930 times
Last updated: May 04 '10