[Zope] special characters
Martijn Pieters
mj@antraciet.nl
Fri, 05 Mar 1999 11:16:30 +0100
At 00:24 05/03/99 , John Eikenberry wrote:
>'manage_addProperty' calls various converters from ZPublisher.Converters
>to format the properties values. Shouldn't html_quote be used when
>formatting strings and text? This would be trivial to change. Would this
>cause some problem I don't realize? If not, I'd like to add this to the
>Collector for the next version.
>
Yes, because you sometimes (most of the time, really), want to have the raw
input from the user. If you then use this raw input in HTML again, only
*then* should you quote out any HTML. Besides, what if I want the data to
be URL quoted? Or SQL quoted?
--
M.J. Pieters, Web Developer
| Antraciet http://www.antraciet.nl
| Tel: +31-35-6254545 Fax: +31-35-6254555
| mailto:mj@antraciet.nl http://www.antraciet.nl/~mj
| PGP: http://wwwkeys.nl.pgp.net:11371/pks/lookup?op=get&search=0xA8A32149
------------------------------------------