16 Jul
2016
16 Jul
'16
4:33 a.m.
+0.95, depending on where it is actually used.
If it's about content (mostly forms) that the XWiki developers write as
part of applications, without any user-generated content, then +1.
If user content is involved, then always clean it.
If it's both, then I'd use two {{html}} macros, non-cleaned for our
content, cleaned for the user content, although this will rarely be
needed, since user content is already processed by the doc.display and
related methods.
On 07/15/2016 10:13 AM, Marius Dumitru Florea wrote:
Hi devs,
I'd like to propose that we use, from now on, {{html clean="false"}} when
developing applications, because:
* HTML cleaning is an extra step that can increase page loading time
* the HTML cleaner can have bugs (like any other code) or unexpected
behaviour (like removing some elements or some attributes when you don't
expect it)
* when I make a mistake in my HTML code I'd like to detect it as soon as
possible, instead of letting the cleaner silently "fix" it for me. Note
that we would still have the webstandards validation tests as a safety net
(only for the default distribution though)
We should keep clean=true by default because we don't want the XWiki users
to break the XWiki UI too easily when they copy some HTML from the web and
paste it inside the HTML macro.
Here's my +1
WDYT?
Thanks,
Marius
--
Sergiu Dumitriu
http://purl.org/net/sergiu/