Page MenuHomePhabricator

Modify HTML escaping and URL rewriting
Closed, ResolvedPublic

Description

Spitfire currently has a Strings class that provides the method strtoHTML. This method is rather unflexible and even is potentially bugged by the way it works. The method should be broken up into two:

  • escape which should handle the HTML escaping for different scenarios. We need it to be flaggable so HTML can be escaped within and outside the HTML tags. This could potentially be solved by introducing a quote method to escape the HTML with quotes.
  • urls which should make URLs within the text clickable.

The strToHTML method currently has two parameters, the string it's supposed to escape and an optional callback that allows the user to customize how the function treats the URLs within the text. This has been a sufficiently flexible mechanism, since it provides the user with options to alter the way the data is presented, and even mechanisms to allow for link shortening or shimming within an application.

The proposed implementation would convert the code that currently looks like

$escaped = \Strings::strToHTML($str);

into

$escaped = \Strings::urls(\Strings::escape($str));
#or
$quoted  = \Strings::urls(\Strings::quote($str));

This gets a bit verbose, but if we introduce a few short-hand functions to the code we can get something like this:

$escaped = _u(_e($str));
#or 
$quoted  = _u(_q($str));

Top level functions that are prefixed with an underscore (_) in Spitfire are buffer manipulating functions.

Event Timeline

cesar triaged this task as Normal priority.Oct 29 2019, 3:48 PM
cesar created this task.
cesar created this object with visibility "Public (No Login Required)".
cesar closed this task as Resolved.May 4 2020, 9:48 AM

D283 does resolve this.