If a Title Update submission includes a URL in the Notes field, that URL will have "http://www.isfdb.org/cgi-bin/mod" added and extraneous backslashes and quotes will appear in the Title Update screen (ta_update.cgi), e.g. http://www.isfdb.org/cgi-bin/mod/\"http://www.eapoe.org/works/tales/specsa.htm\"
Anonymous
I can't reproduce that. More details please?
URL in the A tag, put in the Notes field something like:
sasas <a href="http://aaa.aa">sasas</a>
The < > characters are not escaped, but while on the "Proposed Title Update Submission" page (tv_update.cgi) the Notes field has a working link, "Title Update - SQL Statements" (mod/ta_update.cgi) has link to "http://fed8.roglo.net/cgi-bin/mod/%5C%22http://aaa.aa%5C%22". I guess the <, > should be replaced with < > so that we can see the embedded HTML. Perhaps there is already a function to do this?
(now let's see what Tracker will make of this).
Oh, and the strange form of the URL results from escaping quotes ", the code on the page is:
sasas <a href=\"http://aaa.aa\">sasas</a>'
with the current directory being http://www.isfdb.org/cgi-bin/mod. Perhaps IE shows it in a different way?
Note that there is another bug filed, related to embedded HTML: Field data is not escaped for <> - ID: 2551729
I guess we could try to fix 2551729 and see if it also fixes this bug?
Well, it's easy to make ta_update.py show a working link like tv_update.py does - just print a non-escape_string-ed version of the queries. Do people want that, or to see the html as text?
I think a working link would be more useful in case the approver wants to check where it leads.
mod/ta_update.py 1.4 committed, which has the working link.
Fixed in r2009-03.