On 2/27/07, Jim Wilson wilson.jim.r@gmail.com wrote:
Yeah it's hacky - I can't argue with that - but it's the only way I know of to deal with all three of the following:
- HTML comments found in wikitext are stripped (we get around this by using
an extension tag) 2) Whitespaces in extension output are converted to <br> and <p> tags (we get around this by putting it in an HTML comment) 3) Malicious users could prematurely end the comment by putting "-->" in the keyword text followed by <script> or any other HTML markup (we avoid this by base64 encoding all input and only decoding it during the meta parsing step).
If there's a better way to achieve this, I'm open to suggestions. I've been using this technique on extensions I've been developing since I haven't yet found a better way. But seriously, if there /is/ a cleaner way to do this I'd love to know about it :)
Probably the "cleanest" way to do it would be to create a new database table for it, akin to categorylinks or other metadata tables, and query that on page render. Whether in practice that's better than the hacky solution, I don't know.