I recently try to modernize an extension [1] to use the /_Html _/class
and found a problem (at least for me) .
Like to receive your comments, and tips.
In several cases, I had to use Htlm::rawElement (*) instead of the safer
Html::element because of a nested <div> structure I want to generate like
<div id=outerdiv>
outertext-with- -or-something-character
<div id=innerdiv>
innertext
</div>
</div>
Html::rawElement( 'div',
array( 'some-outer-attributes' => 'some-outer-attribute-values'),
$outertext .
Html:element( 'div'
array( 'some-inner-attributes' =>
'some-inner-attribute-values'),
$innertext
)
After having compared Html methods rawElement and Element, and after
having asked around the #mediawiki
I found that I have to escape the content manually and could/should use
basically one of these two possibilities:
i) The #mediawiki recommended *htmlspecialchars*()
ii) Inside Html:element method I found
*
strtr( $contents, array(**
** // There's no point in escaping quotes, >, etc. in the contents of**
** // elements.**
** '&' => '&',**
** '<' => '<'**
**)*
*Both *are not suited for my case, when $outertext has this " "
character in it.
After looking around in class Html and class Xml I found,
that some of the methods use $wgContLang->normalize( $string ), and this
works for me, too.
I put this is into a private wrapper function escapeContent() =
*$wg**ContLang->normalize() (not shown here)
*
Html::rawElement( 'div',
array( 'some-outer-attributes' => 'some-outer-attribute-values'),
* ***$wg**ContLang->normalize****( $outertext ) .
Html:element( 'div'
array( 'some-inner-attributes' =>
'some-inner-attribute-values'),
$innertext
)
I am however not happy with that approach, because I do not know, if it
is correctly applied.
Therefore my questions to you:
1. Is my approach of applying Html class and using ->normalize()
correct ?
2. What could I do better, perhaps should I apply a certain
Sanitizer::method - or what else ?
3. Perhaps I am fully wrong, then please guide me to find a correct
solution.
I will be available on #mediawiki during the evening hours (UTC+2;
Wikinaut )
[1]
https://gerrit.wikimedia.org/r/#/c/67002/