Re: URI.escape - is it needed for wunderbar code?

sebb Sat, 26 Sep 2020 09:22:43 -0700

On Sat, 26 Sep 2020 at 16:37, Sam Ruby <ru...@intertwingly.net> wrote:
>
> On Sat, Sep 26, 2020 at 10:55 AM sebb <seb...@gmail.com> wrote:
> >
> > The URI.escape method is deprecated, and should be replaced.
> >
> > However, I'm not sure it's actually needed for Wunderbar code.
> >
> > For example, posted-reports.json.rb has
> >
> > _link THREAD + URI.escape('<' + mail.message_id + '>')
> >
> > However surely Wunderbar _json handles any necessary escaping?
> >
> > And posted-reports.cgi has:
> > href = THREAD + URI.escape('<' + mail.message_id + '>')
> > ...
> > _a mail.subject, href: href
> >
> > Again, I would expect Wunderbar to do the necessary.
>
> Wunderbar would need a way to know if the href was already escaped.


I've just checked, and it does do some escaping:

$ ruby  -rwunderbar -e'_html {x="<a@b.c>"; y="&"; _h3 x ; _a  y, href: x  }'

gives the following body:

    <h3>&lt;a@b.c&gt;</h3>
    <a href="&lt;a@b.c&gt;">&amp;</a>

This suggests that Wunderbar expects unescaped input?

> - Sam Ruby

Re: URI.escape - is it needed for wunderbar code?

Reply via email to