jthilo |
Hi,
I've noticed that the ampersand ("&") and less-than ("<") characters are not properly HTML-escaped when we include them in our posts. I didn't find anything on the site explaining that users are supposed to escape them manually, and people who don't know HTML probably won't realize they're doing anything wrong.
Right: & < (I escaped these manually)
Wrong: & < (the way many people will type them)
I'd include an HTML validator link for this post, but I think all the other HTML errors would obscure the appropriate messages. :-)
Gary Teter Senior Software Developer |
jthilo |
Gary Teter wrote:
You're right. The next time I roll the site & and < should be properly escaped. People should just type them normally. The messageboards run on our subset of BBCode, not HTML -- HTML tags and entities should not be used.
Hi Gary,
> and " should get that treatment as well, although they're less likely to cause problems when mishandled.
Gary Teter wrote:
The rest of the validation errors, well.... Maybe someday.
:-)