On Wed, 19 Mar 2008 22:24:36 -0500, Karen wrote
> On 3/19/08, Alex Teslik <alex@...> wrote:
> > But then I can no longer do all my escaping in the template.
> Well, you're effectively handing it a half-escaped string. That's
> kind of a special case.
I disagree. The string I'm giving that contains entities is completely valid
and not half-escaped. An entity is not always an escaped string - aside from
the 4 common entities &, <, >, and ", any other entity can be
decoded and co-exist with no problem among the html code. &, <, >, and
" are escapes because they prevent specific characters from breaking the
html code - and happen to perform the escaping by converting those characters
> > So I propose that the HTML::Template escaping does not squash HTML entities.
> That would break its behavior for me
The code I submitted would not break your example because it does not change
the behavior regarding legitimate &, <, >, or " characters. It simply changes
the behavior to not _also_ escape other legitimate entities that also happen
to contain legitimate ampersands.
> An alternate escaping method would be fine
An alternate option is probably a good idea.