[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#242020: marked as done (www.debian.org: security/dsa-long.en.rdf has HTML markup in <description> tag)

Your message dated Thu, 26 Jul 2007 16:25:12 +0200
with message-id <20070726142512.GA2350@cordelia.zoetekouw.net>
and subject line Bug@242020: www.debian.org: security/dsa-long.en.rdf has HTML markup in <description> tag
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: www.debian.org
Severity: wishlist
Tags: patch

I just added http://www.debian.org/security/dsa-long.en.rdf to my RSS
feed aggregator and realized that it does behave strangely.
AIUI, the description tag is not supposed to contain ordinary HTML markup
in RSS 1.0.  Since it is ment as a teaser anyway, and interested people
are supposed to follow the link (thats the rss design), I think it would
not hurt to be more standards compliant and simply strip well-known
HTML constructs.

Index: english/template/debian/recent_list.wml
RCS file: /cvs/webwml/webwml/english/template/debian/recent_list.wml,v
retrieving revision 1.115
diff -u -r1.115 recent_list.wml
--- english/template/debian/recent_list.wml	20 Feb 2004 08:18:24 -0000	1.115
+++ english/template/debian/recent_list.wml	4 Apr 2004 11:07:21 -0000
@@ -320,10 +320,12 @@
                 # HTML entities
                 $moreinfo =~ s/(&[^#;]+;)/&decodehtmlentity($1)/ge;
                 # <email "xxx"> <url "xxx">
-                $moreinfo =~ s#<email "([^>]+)">#<a href="mailto:$1";>$1</a>#g;
-                $moreinfo =~ s#<url "([^>]+)">#<a href="$1">$1</a>#g;
+                $moreinfo =~ s#<email "([^>]+)">#$1#g;
+                $moreinfo =~ s#<url "([^>]+)">#$1#g;
                 # HTML tags
-                $moreinfo =~ s/</&lt;/g;
+      		$moreinfo =~ s#</?p>##g; 
+		$moreinfo =~ s#<a [^>]+>([^<]*)</a>#$1#g;
+	        $moreinfo =~ s/</&lt;/g;
                 $moreinfo =~ s/>/&gt;/g;
                 $moreinfo =~ s/"/&quot;/g;
                 # WML continuation

  Mario | Debian Developer <URL:http://debian.org/>
        | Get my public key via finger mlang@db.debian.org
        | 1024D/7FC1A0854909BCCDBE6C102DDFFC022A6B113E44

Attachment: pgpN_K3erbHgn.pgp
Description: PGP signature

--- End Message ---
--- Begin Message ---
I think this bug is a non-issue nowadays.  Almost all rss and rdf feeds
include (x)html formatting inside the feeds, and this is explicitly
allowed by the specification [1].  Therefore, I am closing this bug.

Kind regards,

[1] http://web.resource.org/rss/1.0/spe

Kind regards,
| Bas Zoetekouw              | GPG key: 0644fab7                     |
|----------------------------| Fingerprint: c1f5 f24c d514 3fec 8bf6 |
| bas@debian.org             |              a2b1 2bae e41f 0644 fab7 |

--- End Message ---

Reply to: