Last modified: 2014-02-12 23:38:16 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T21063, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 19063 - Pipe (|) in inputs leads to hiding and possibly deletion of content
Pipe (|) in inputs leads to hiding and possibly deletion of content
Status: NEW
Product: MediaWiki extensions
Classification: Unclassified
SemanticForms (Other open bugs)
unspecified
All All
: Normal normal (vote)
: ---
Assigned To: Yaron Koren
http://km.aifb.uni-karlsruhe.de/proje...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-06-03 08:10 UTC by Markus Krötzsch
Modified: 2014-02-12 23:38 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description Markus Krötzsch 2009-06-03 08:10:28 UTC
Using a | in a form input is currently problematic since | has a special meaning in templates. Doing this will put the page into a very bad state, and this cannot be recovered with "edit with form" since the | confuses SF as well. It is not possible to avoid this by clever template construction, since it already happens when parameter values are passed.

The problem can be avoided by replacing | with |.  The example URL shows this workaround -- see older versions for what it looks like without it. Doing this escape in general, however, would break intentional mark-up, e.g. when a user includes a link with an alternative display text in a form input. I suggest to either parse the user input with the MW parser to distinguish those cases, or to have some option "verbatim" that can be declared for an input field when defining a form: this option should make SF escape all special characters, thus preventing most HTML or MW markups, but preserving the original writing. This should be very useful for wikis where users are completely unaware of the underlying wiki.

Note that this solution could also be useful in the context of Bug 19062. Also note that it is not possible to have a parser function that does the escaping in the template, since the special characters often affect the way in which parser functions are actually interpreted, and since mark-up like <!-- will never get to aparser function.

Tested on FF 3.0.10, MW 1.14alpha,  SMW 1.5e-SVN, SF 1.6.

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links