Last modified: 2013-04-22 16:16:50 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T48626, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 46626 - XML formatter: get rid of broken xmldoublequote parameter
XML formatter: get rid of broken xmldoublequote parameter
Status: RESOLVED FIXED
Product: MediaWiki
Classification: Unclassified
API (Other open bugs)
1.21.x
All All
: Normal minor (vote)
: ---
Assigned To: Kevin Israel (PleaseStand)
https://www.mediawiki.org/w/api.php?a...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-03-28 07:36 UTC by Kevin Israel (PleaseStand)
Modified: 2013-04-22 16:16 UTC (History)
5 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Kevin Israel (PleaseStand) 2013-03-28 07:36:16 UTC 
The xmldoublequote parameter (described in bug 11401) is supposed to double-escape everything in the XML output. However, in MediaWiki 1.16 and newer, specifying it seems to have no effect.

This is easily reproduced using the provided URL. The expected output is that of MediaWiki 1.15 and older.

Actual: <page title="&amp;&lt;&gt;" invalid="" />
Expected: <page title="&amp;amp;&amp;lt;&amp;gt;" invalid="" />
Comment 1 Brad Jorsch 2013-03-28 13:50:42 UTC 
This has been broken since r55641. Since it hasn't worked for about 3.5 years, is there really any point to keeping this feature or should we just kill it?

Bug 11401 mentions some sort of xpath bug; does anyone have details on this?
Comment 2 Andre Klapper 2013-04-08 15:03:52 UTC 
PleaseStand: Any opinion on comment 1?
Comment 3 Kevin Israel (PleaseStand) 2013-04-08 16:05:02 UTC 
The XPath flaw is that there is no way to escape a string that contains both an apostrophe and a double quote. However, it is possible to work around the flaw using the concat function (to concatenate single- and double- quoted strings together).

http://www.w3.org/TR/xpath/#exprlex
http://stackoverflow.com/questions/6937525/escaping-xpath-literal-with-python

The flaw has been corrected in XPath 2.0.

http://www.w3.org/TR/xpath20/#id-literals

It doesn't seem clear that the confusingly named "xmldoublequote" feature (I thought it meant XML attribute values should never be single quoted) was ever necessary.
Comment 4 Gerrit Notification Bot 2013-04-09 01:26:12 UTC 
Related URL: https://gerrit.wikimedia.org/r/58261 (Gerrit Change I9a4d8c13b78ffd2634d03c8c8b4bbeff69f4bc08)
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links