Re: [PATCH] gitweb: Change to use explicitly function call cgi->escapHTML()

Jakub Narebski <jnareb@xxxxxxxxx> writes:

> Junio C Hamano wrote:
>
>> Speaking of -title, I see "sub git_project_list_body" does this:
>> 
>>     $cgi->a({ ... -title => $pr->{'descr_long'}}, esc_html($pr->{'descr'}));
>>         
>> which seems inconsistent with the earlier quoted $fullname
>> handling (unless $pr->{'descr_long'} is already quoted and $pr->{'descr'}
>> is not, which I find highly unlikely).
>
> CGI::a() subroutine automatically quotes properly _attribute_ values,
> but it does not (and it should not) quote _contents_ of a tag.
>
> So the above code is correct.

Sorry, you lost me...  I am wondering what you mean by
"automatically".  Do you mean 'always'?

And if that is the case, shouldn't we drop esc_html() around
$fullname here?

    ...  For example, many places esc_html()
    is used as the body of <a ...>$here</a> but some places it is
    used as

        $cgi->a({ ... -title =>esc_html($fullname) }, esc_path($dir))

as we do not have it around $pr->{'descr_long'} in the above?

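The attribute-versus-contents distinction under discussion, as an added example that is not part of this thread or of gitweb's code: it assumes CGI.pm is installed and uses a bare CGI::escapeHTML() call as a stand-in for gitweb's esc_html(). It shows the -title attribute escaped by CGI.pm on its own, the double escaping produced by wrapping that attribute in esc_html(), the tag contents left untouched, and the case where CGI.pm stops escaping attributes (autoEscape turned off).

```perl
#!/usr/bin/perl
# Added example, not gitweb code: which parts of a CGI::a() call CGI.pm
# escapes on its own, and what happens when esc_html() is applied to a
# value CGI.pm is going to escape anyway.
use strict;
use warnings;
use CGI;    # assumed installed; CGI.pm is no longer in the Perl core

my $cgi = CGI->new;

# Stand-in for gitweb's esc_html(): plain CGI::escapeHTML(), nothing more.
sub esc_html { return $cgi->escapeHTML(shift) }

# Constructed sample values carrying the characters that matter.
my $descr      = 'fix <b>bold</b> & "quoted"';    # goes into the tag contents
my $descr_long = 'see & "quoted" <title>';        # goes into the title attribute

# 1. Attribute raw, contents through esc_html(): the pattern from git_project_list_body.
#    autoEscape is on by default, so CGI.pm turns &, " and < in the attribute
#    into entities itself; the contents are only safe because esc_html() ran.
print "1: ", $cgi->a({ -title => $descr_long }, esc_html($descr)), "\n";

# 2. esc_html() on the attribute as well: the value is escaped twice, so the
#    tooltip shows "&amp;" and "&quot;" literally instead of & and ".
print "2: ", $cgi->a({ -title => esc_html($descr_long) }, esc_html($descr)), "\n";

# 3. Contents raw: CGI::a() does not touch them, so the <b> element and the
#    bare & reach the browser as markup. This is the case esc_html() exists for.
print "3: ", $cgi->a({ -title => $descr_long }, $descr), "\n";

# 4. With autoEscape switched off the attribute is emitted raw too, and the
#    embedded double quote terminates the attribute early; only in this
#    configuration would esc_html() around the attribute value be needed.
$cgi->autoEscape(0);
print "4: ", $cgi->a({ -title => $descr_long }, esc_html($descr)), "\n";
```

Run it and compare the four lines; the only difference between 1 and 2 is in the title attribute, where 2 carries the doubled entities.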