[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#172132: pkgreport.cgi doesn't cope with & where & is expected

On Sun, Dec 08, 2002 at 12:51:43AM +0000, Darren Salt wrote:
> I demand that Josip Rodin may or may not have written...
> > On Sat, Dec 07, 2002 at 09:17:00PM +0000, Darren Salt wrote:
> >> Any browser which displays
> >>   <a href="index.html>Home page</a>
> >> as a link, containing the text "Home page", to index.html is supporting
> >> broken HTML; should it simply fail to display it?
> > Uhh, I don't see how that is relevant to what we have here. It's not broken
> > to use &amp; to represent the ampersand character in anchor tags; on the
> > contrary, it is exactly according to the specification.
> Wrong end of the stick...? :-)
> The browser rendering the above broken HTML is handling errors. The CGI
> script which understands &amp; is also handling errors.

Unfortunately it can't tell whether it's an error or not. There's no
information loss in your HTML example above; in contrast, browsers that
fail to unescape '&amp;' are transforming one valid URL into another
valid URL, thereby losing information.

I'm pretty sure that having the CGI script understand '&amp;' is the
wrong answer. Using a totally different separator to avoid the whole
issue is probably the right answer.


Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to: