blob: 6fccc5c86145a587f71d69e5b1e5314fa02436a9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
compare:
* <jon+markdownbug@example.org>
* <jon.markdownbug@example.org>
* <jon+markdownbug@example.org>
* <jon.markdownbug@example.org>
It seems putting a '+' in there throws it. Maybe it's a markdown bug, or maybe the obfuscation markdown applies to email-links is being caught by the HTML sanitizer.
-- [[users/Jon]]
> It's a markdown bug. For some reason, markdown doesn't recognize the email with a '+' as an email:
>
> $ echo '<a+b@c.org>' | markdown
> <p><a+b@c.org></p>
>
> htmlscrubber then (rightly) removes this unknown tag.
>
>> Filed [in CPAN](http://rt.cpan.org/Ticket/Display.html?id=37909)
>> --[[Joey]] [[!tag done]]
> But I've noticed some other Text::Markdown bugs that, even with htmlscrubber, produce
> [ill-formed (X)HTML](http://validator.w3.org/check?uri=http%3A%2F%2Fikiwiki.info%2Fbugs%2Fmarkdown_bug%3A_email_escaping_and_plus_addresses%2F).
> (View the markdown source of this page.)
>
> --Gabriel
>> The htmlscrubber does not attempt to produce valid html from invalid. It
>> attempts to prevent exploits in html. The tidy plugin can force html to
>> valid. --[[Joey]]
<tt>
-
>
|