Opened 5 years ago
Last modified 3 years ago
#405 new defect
Event description sanitization
| Reported by: | pferreir | Owned by: | |
|---|---|---|---|
| Priority: | high | Milestone: | v2.1 |
| Component: | RSS/iCal/XML/Metadata | Version: | 0.96.x |
| Keywords: | xml, search | Cc: |
Description
Since we are using HTML in the description fields, we have to escape it when we present i.e. search results. The result is not always nice, as people often need markup.
There are several solutions here (and the final one might be the combination of them):
- Whitelist a restricted set of HTML tags and render them in the output;
- Render the output as plain text (if not for the web interface, it could be useful for the iCal/RSS part);
- Just remove HTML;
Change History (3)
comment:1 Changed 5 years ago by jbenito
- Milestone changed from v0.98 to v1.0
- Priority changed from normal to high
comment:2 Changed 5 years ago by pferreir
One could use, for example: http://www.aaronsw.com/2002/html2text/
comment:3 Changed 3 years ago by jbenito
- Milestone changed from v1.0 to v1.3
Note: See
TracTickets for help on using
tickets.
Also in the search results