On Thu, Mar 13, 2003 at 07:58:05PM +0100, Josip Rodin wrote:
[...]
> > > > +               $long_desc =~ s/\&/\&amp\;/go;
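Review bot: the substitution on this line rewrites every `&` in $long_desc, including any that already begin an entity, so it is only correct if the description is guaranteed to be plain text at this point and if it runs before any substitution that emits entities. The thread mentions two other substitutions above this one; if those produce output such as `&lt;`, running this line after them would turn it into `&amp;lt;`, so the `&` escape should come first. A comment stating that $long_desc is treated as plain text would settle the question raised in the replies. Style: the `/o` flag has no effect because the pattern interpolates no variables, and neither `&` nor `;` needs a backslash, so `s/&/&amp;/g` is equivalent.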
> > > 
> > > That sounds like a fix for another bug, and it doesn't look like it would
> > > actually handle the read &s in descriptions...
> > 
> > You're right that this line (and also the two others above) is not
> > related to the bug. But I don't understand your problem with it. It is
> > actually a fault to have bare &'s in the html-Code (look at the
> > example site from the bug one paragraph above).
> 
> The problem is that if someone puts a proper & in a URL, your regexp
> would happily convert it to & :)

No, within plain text one writes http://foo.org/?a=1&b=2, escaping is only
performed for some other formats (SGML and co).
So unless descriptions are going to be considered as HTML text, this fix
is meaningful.

Denis
