Menu

#673 HTML tags in titles

v1.0 (example)
closed-fixed
Ahasuerus
None
5
2023-02-09
2017-06-15
Anonymous
No

Take a look at the title for http://www.isfdb.org/cgi-bin/title.cgi?2145123

It’s "<sarcasm> Adventures in Gaming </sarcasm>"

It came from http://www.isfdb.org/cgi-bin/mod/pv_new.cgi?3332368

The XML blob is http://www.isfdb.org/cgi-bin/mod/dumpxml.cgi?3332368 which has
<ctitle><sarcasm> Adventures in Gaming </sarcasm></ctitle>

I suspect we should escape the <> angle brackets for fields other than the ones we intend to contain HTML. We also need to apply escapes when searching those fields.

Discussion

  • Ahasuerus

    Ahasuerus - 2022-06-29
    • assigned_to: Ahasuerus
     

  • Ahasuerus

    Ahasuerus - 2022-06-29

    Part 1 - Title display. Fixed in common/library.py, installed in SVN 942 on 2022-06-29.

     

  • Ahasuerus

    Ahasuerus - 2022-06-30

    Part 2 - Static values:

    biblio/awardtype.py
biblio/biblio.py
biblio/common.py
biblio/languages.py
biblio/pl.py
biblio/title.py
common/awardClass.py
common/awardcatClass.py
common/isfdb.py
common/library.py

    Installed in SVN 943 on 2022-06-29.

     

  • Ahasuerus

    Ahasuerus - 2022-06-30

    Part 3 - Fixed page counts. Fixed in biblio/common.py, installed in SVN 945 on 2022-06-30.

     

  • Ahasuerus

    Ahasuerus - 2023-02-09
    • status: open --> closed-fixed
     

  • Ahasuerus

    Ahasuerus - 2023-02-09

    All display pages have been fixed to display embedded HTML correctly -- see Part 2-64 of Support Request 68 for details. Closing the bug report.

     

Anonymous
Anonymous

Add attachments
Cancel





MongoDB Logo MongoDB