Just so everyone knows, Brion made some modifications to the patch to
make it exhibit the desired behavior, as well as to use some utility
functions from the Sanitizer package, and checked it into HEAD last night.
Bug message from Brion:
<http://bugzilla.wikimedia.org/show_bug.cgi?id=684#c18>
Diff of Parser.php from CVS:
<http://cvs.sourceforge.net/viewcvs.py/wikipedia/phase3/includes/Parser.php?r1=1.446&r2=1.447>
Thanks Brion!
- David
David Friedland wrote:
Ed W wrote:
Do you mean this bug:
http://bugzilla.wikimedia.org/show_bug.cgi?id=684
What's wrong with the code as is? Looks great to me?
Please advise what's wrong and I will fix it up - seems great for my
purpose
Thanks
Ed W
I wrote this patch. I stopped working on it after a cold reception--my
contributions weren't met with much enthusiasm so I stopped pursuing
trying to make them.
Brion wants it changed to not allow \' and \" as escapes for ' and "
inside quoted strings and to not allow whitespace between the opening <
and the name of the tag.
Also, Ævar notes that the patch doesn't work on the current HEAD, as the
code the patch applies to has probably changed since the patch was
written, so it needs some cleaning up.
Hope that helps. Good luck.
- David Friedland