Want to take part in these discussions? Sign in if you have an account, or apply for one below
Vanilla 1.1.10 is a product of Lussumo. More Information: Documentation, Community Support.
\* $*$ $\star$ $\ast$ $*f*$ *hi* *
\* $\star$ $\ast$ *hi* *
$*$ $*f*$
<code>
should behave like \verbatim
(which it doesn't) and changes my HTML to produce a result as if it did. That is rather annoying, and even makes it impossible to do certain things correctly, but I managed to get this post correct at least.
Hmmm, that might be because the filter 'Html' is slightly misleading. It isn't a 'raw' filter, it does do some processing to strip out "unsafe" html. It says that it doesn't look inside code blocks, is that what you wanted?
I'm not sure if what I see in the database is exactly what you typed as there seem to be lots of escaped characters which I think might just be a feature of how I'm accessing the database (for example, "it's" appears as "it\'s").
I'm also not sure exactly what you mean by the difference between code and verbatium. Is it that if I type <code>&</code> then I ought to see an ampersand whereas what I actually see is &
?
Ah, looking at the markdown code I think I see the problem. Inside a code run is the line:
s/&/&/g
which encodes all ampersands to entities regardless of whether or not they are already html entities. Oh, hang on, that's the original perl ... let's look at the php. Yup, it's there:
$_ = str_replace('&', '&', $_);
Right, so that's too crude. What ought to happen is that only ampersands that are not already HTML entity codes should be converted. In some perl code I once wrote I used the modules MathML::Entities and HTML::Entities::Numbered which have conversion strings. Presumably there are PHP equivalents. Either that or I could rewrite the regexp.
Do you think that this ought to be filed as a bug on the Markdown/PHPMarkdown page(s)?
(Okay, I know that you used the Html filter rather than markdown but in testing I encountered the same problem in all the filters and markdown is the one I know best. Actually, the fact that it is a problem in all the filters suggests that there might be another hidden filter somewhere else doing the same thing. I'll investigate.)
<div>
<blockquote>Is it that if I type <code>&</code> then I ought to see an ampersand whereas what I actually see is <code>&</code>?</blockquote>Yep, that's it. I would say that it's a bug in … whatever is doing this.
</div>
&
&
<code>&</code>
produces &
(for font comparison, an ampersand in normal font is &)
Markdown is a little more subtle. The Markdown code explicitly states:
Encode all ampersands; HTML entities are not entities within a Markdown code span.
So I'm loathe to take out the substitution for Markdown. On the other hand, Markdown ought to allow Html code to go straight through. Thus if I type <b>hello</b>
it ought to come out as hello but it actually comes out as <b>hello</b>. The problem seems to be with the wrapper script that calls Markdown on posts. That escapes angle brackets. If I disable that then I can pass code blocks through the Markdown filter without difficulty and so typing <code>&</code>
produces &
as required.
I'm not sure what that escape routine is for so I'm happy to disable it. I guess that it is intended to protect comments from malicious code.
...
Yes, looking at the comments on the Markdown plugin page on the forum software I see that this is the case. That should be fixable - it oughtn't to be down to a format plugin to oversee malicious code security!
...
Okay, let's try this. I've hacked the Html and Markdown filters so that they work as they ought to and added the kses filter as a non-optional filter to remove malicious (x)html code. So typing <illegal>block</illegal>
simply results in whilst <code>&</code>
produces &
as desired.
Right. You'd better use this functionality!
<div>
I'll use it to complain about the Mardown on the wiki then.<p><code>`&amp;&rarr;`</code> in Instiki produces <code><code>&amp;amp;?</code></code> in XHTML, while <code><code>&amp;&rarr;</code></code> produces <code><code>&amp;?</code></code>.<p>On the blog, things are still worse (again using Mardown+iTeX): even <code>&rarr;</code> is spelt out between <code>`</code>s!<p>Also, I see from the preview of my first, mistyped, version of this comment that <code><code></code> tags still aren't letting through things like <code><p></code> or even <code><b></code>.<p>I don't know how important all this is (especially if I can use <code><tt></code> instead), but there it is.</p></p></p></p>
</div>
1 to 10 of 10