## Not signed in

Want to take part in these discussions? Sign in if you have an account, or apply for one below

## Site Tag Cloud

Vanilla 1.1.10 is a product of Lussumo. More Information: Documentation, Community Support.

• CommentRowNumber1.
• CommentAuthorMike Shulman
• CommentTimeMar 5th 2009
How do I make asterisks in itex? Writing "*" gets translated to <em> tags in the wrong places, but \ast doesn't work either.
• CommentRowNumber2.
• CommentAuthorTobyBartels
• CommentTimeMar 5th 2009
• (edited Mar 5th 2009)
\* in Markdown; $*$ works fine for me already in iTeX. See my tests in the Sandbox.
• CommentRowNumber3.
• CommentAuthorMike Shulman
• CommentTimeMar 13th 2009
Try it on the cafe.
• CommentRowNumber4.
• CommentAuthorTobyBartels
• CommentTimeMar 14th 2009
• (edited Mar 14th 2009)
That's pretty weird. What's in the Sandbox:
\* $*$ $\star$ $\ast$ $*f*$ *hi* *
creates an error, but this:
\* $\star$ $\ast$ *hi* *$*$ $*f*$
works just fine. (All with Markdown + iTeX2MML, of course.)

By the way, this software seems to think that <code> should behave like \verbatim (which it doesn't) and changes my HTML to produce a result as if it did. That is rather annoying, and even makes it impossible to do certain things correctly, but I managed to get this post correct at least.
• CommentRowNumber5.
• CommentAuthorAndrew Stacey
• CommentTimeMar 19th 2009
• (edited Mar 19th 2009)

Hmmm, that might be because the filter 'Html' is slightly misleading. It isn't a 'raw' filter, it does do some processing to strip out "unsafe" html. It says that it doesn't look inside code blocks, is that what you wanted?

I'm not sure if what I see in the database is exactly what you typed as there seem to be lots of escaped characters which I think might just be a feature of how I'm accessing the database (for example, "it's" appears as "it\'s").

I'm also not sure exactly what you mean by the difference between code and verbatium. Is it that if I type <code>&amp;</code> then I ought to see an ampersand whereas what I actually see is &amp;?

Ah, looking at the markdown code I think I see the problem. Inside a code run is the line:

s/&/&amp;/g

which encodes all ampersands to entities regardless of whether or not they are already html entities. Oh, hang on, that's the original perl ... let's look at the php. Yup, it's there:

$_ = str_replace('&', '&amp;',$_);

Right, so that's too crude. What ought to happen is that only ampersands that are not already HTML entity codes should be converted. In some perl code I once wrote I used the modules MathML::Entities and HTML::Entities::Numbered which have conversion strings. Presumably there are PHP equivalents. Either that or I could rewrite the regexp.

Do you think that this ought to be filed as a bug on the Markdown/PHPMarkdown page(s)?

(Okay, I know that you used the Html filter rather than markdown but in testing I encountered the same problem in all the filters and markdown is the one I know best. Actually, the fact that it is a problem in all the filters suggests that there might be another hidden filter somewhere else doing the same thing. I'll investigate.)

• CommentRowNumber6.
• CommentAuthorTobyBartels
• CommentTimeMar 19th 2009
This comment is invalid XHTML+MathML+SVG; displaying source. <div> <blockquote>Is it that if I type &lt;code&gt;&amp;&lt;/code&gt; then I ought to see an ampersand whereas what I actually see is <code>&amp;</code>?</blockquote>Yep, that's it. I would say that it's a bug in … whatever is doing this. </div>
• CommentRowNumber7.
• CommentAuthorAndrew Stacey
• CommentTimeMar 23rd 2009
• (edited Mar 23rd 2009)
This is really strange. It seems unique to code blocks which are meant to be protected from parsing under all the filters. Compare the following (first is a code block, second a pre block):

&

&
• CommentRowNumber8.
• CommentAuthorAndrew Stacey
• CommentTimeMar 24th 2009
Okay, let's try this now. This is with the Html filter: typing <code>&amp;</code> produces & (for font comparison, an ampersand in normal font is &)
• CommentRowNumber9.
• CommentAuthorAndrew Stacey
• CommentTimeMar 24th 2009
• (edited Mar 24th 2009)

Markdown is a little more subtle. The Markdown code explicitly states:

Encode all ampersands; HTML entities are not entities within a Markdown code span.

So I'm loathe to take out the substitution for Markdown. On the other hand, Markdown ought to allow Html code to go straight through. Thus if I type <b>hello</b> it ought to come out as hello but it actually comes out as <b>hello</b>. The problem seems to be with the wrapper script that calls Markdown on posts. That escapes angle brackets. If I disable that then I can pass code blocks through the Markdown filter without difficulty and so typing <code>&amp;</code> produces & as required.

I'm not sure what that escape routine is for so I'm happy to disable it. I guess that it is intended to protect comments from malicious code.

...

Yes, looking at the comments on the Markdown plugin page on the forum software I see that this is the case. That should be fixable - it oughtn't to be down to a format plugin to oversee malicious code security!

...

Okay, let's try this. I've hacked the Html and Markdown filters so that they work as they ought to and added the kses filter as a non-optional filter to remove malicious (x)html code. So typing <illegal>block</illegal> simply results in whilst <code>&amp;</code> produces & as desired.

Right. You'd better use this functionality!

• CommentRowNumber10.
• CommentAuthorTobyBartels
• CommentTimeMar 24th 2009
This comment is invalid XHTML+MathML+SVG; displaying source. <div> I'll use it to complain about the Mardown on the wiki then.<p><code>&amp;amp;&amp;rarr;</code> in Instiki produces <code>&lt;code&gt;&amp;amp;amp;?&lt;/code&gt;</code> in XHTML, while <code>&lt;code&gt;&amp;amp;&amp;rarr;&lt;/code&gt;</code> produces <code>&lt;code&gt;&amp;amp;?&lt;/code&gt;</code>.<p>On the blog, things are still worse (again using Mardown+iTeX): even <code>&amp;rarr;</code> is spelt out between <code></code>s!<p>Also, I see from the preview of my first, mistyped, version of this comment that <code>&lt;code&gt;</code> tags still aren't letting through things like <code>&lt;p&gt;</code> or even <code>&lt;b&gt;</code>.<p>I don't know how important all this is (especially if I can use <code>&lt;tt&gt;</code> instead), but there it is.</p></p></p></p> </div>`