Page MenuHomePhabricator
Create Task
Maniphest T48626

XML formatter: get rid of broken xmldoublequote parameter
Closed, ResolvedPublic
Actions

Description

The xmldoublequote parameter (described in bug 11401) is supposed to double-escape everything in the XML output. However, in MediaWiki 1.16 and newer, specifying it seems to have no effect.

This is easily reproduced using the provided URL. The expected output is that of MediaWiki 1.15 and older.

Actual: <page title="&amp;&lt;&gt;" invalid="" />
Expected: <page title="&amp;amp;&amp;lt;&amp;gt;" invalid="" />

Version: 1.21.x
Severity: minor
URL: https://www.mediawiki.org/w/api.php?action=query&titles=%26%3C%3E&xmldoublequote

Details

Reference
bz46626

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 22 2014, 1:24 AM
bzimport added a project: MediaWiki-Action-API.
bzimport set Reference to bz46626.
PleaseStand created this task.Mar 28 2013, 7:36 AM
Anomie added a comment.Mar 28 2013, 1:50 PM

This has been broken since r55641. Since it hasn't worked for about 3.5 years, is there really any point to keeping this feature or should we just kill it?

Bug 11401 mentions some sort of xpath bug; does anyone have details on this?

Aklapper added a comment.Apr 8 2013, 3:03 PM

PleaseStand: Any opinion on comment 1?

PleaseStand added a comment.Apr 8 2013, 4:05 PM

The XPath flaw is that there is no way to escape a string that contains both an apostrophe and a double quote. However, it is possible to work around the flaw using the concat function (to concatenate single- and double- quoted strings together).

http://www.w3.org/TR/xpath/#exprlex
http://stackoverflow.com/questions/6937525/escaping-xpath-literal-with-python

The flaw has been corrected in XPath 2.0.

http://www.w3.org/TR/xpath20/#id-literals

It doesn't seem clear that the confusingly named "xmldoublequote" feature (I thought it meant XML attribute values should never be single quoted) was ever necessary.

gerritbot added a comment.Apr 9 2013, 1:26 AM

Related URL: https://gerrit.wikimedia.org/r/58261 (Gerrit Change I9a4d8c13b78ffd2634d03c8c8b4bbeff69f4bc08)

Aklapper removed a subscriber: Anomie.Oct 16 2020, 5:43 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL