[Catalyst] Bug in URI ?!
Jonathan Rockway
jon at jrock.us
Mon Sep 11 03:16:38 CEST 2006
> That's right, the ampersands are not escaped. Technically, that is the
> correct thing to do, but in a template which 99.9% of the time is for
> HTML, e.g. [% c.uri_for('/foo', { page => 2, view => 'xml' } %] it's
> almost certainly not what you want.
>
That's why there's the "HTML" filter in TT:
[% c.uri_for('/foo') | html %]
In an MVC framework, the "View" is where you want to turn things into
HTML, so that's where you should escape the URIs. If you were
outputting YAML, you wouldn't want to escape the URI in the same way.
(Note that you'll want to use | xml for escaping in XHTML docs, but in
this case the difference between the two won't manifest itself.)
Regards,
Jonathan Rockway
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 370 bytes
Desc: OpenPGP digital signature
Url : http://lists.rawmode.org/pipermail/catalyst/attachments/20060910/35260bda/attachment.pgp
More information about the Catalyst
mailing list