HTML in Language Strings

Contact the Development Working Group here: http://groups.google.com/group/joomla-dev-general

This forum is now closed and archived.
Locked
wdaniels
Joomla! Apprentice
Joomla! Apprentice
Posts: 18
Joined: Thu Aug 25, 2005 11:44 am
Contact:
Contact wdaniels

HTML in Language Strings

Post by wdaniels » Wed Jun 25, 2008 11:28 pm

Hi, I was just wondering if there is some official policy/guideline regarding the use of HTML in the language strings. My concern is that this text sometimes gets plugged directly into things like atttribute values, without being escaped, which means that it can produce invalid XHTML. For example, we have:

Code: Select all

PARAMALTREADMORE=Enter the text that you want to appear alongside the dynamic <em>Read more:</em> link instead of the default setting of using the Article Title.
Which ends up (unescaped) somewhere in a title attribute for the (x)html of the content parameters.

So, what I'm asking really is whether the bug is that there are html tags in some language strings in the first place, or that it is plugged into attribute values without being escaped?

Note that I have also found some places where the code directly generates unescaped html and plugs it into attribute values, like the Publish Information tooltip (ContentView->showContent, administrator/components/com_content/admin.content.html.php).
Top
Locked

Return to “Development”