http://qs321.pair.com?node_id=328257


in reply to Re: Site HTML filtering, Phase II
in thread Site HTML filtering, Phase II

Actually, the Perlmonks stuff is pretty simple. The only hard part is remembering which of the less common but harmless and useful HTML tags don't work. (ISTR that cite doesn't work, but I could be misremembering; maybe it was q that doesn't work. I'm not sure. I often just use them anyway, because when they're what you intend, there's nothing else with the right semantics.) That, and remembering the entity for escaping the left square bracket. (I usually just put code tags around it. Easier to remember.) If you want to see some needlessly complicated and gratuitously different site markup, have a look at Wikipedia sometime. I am continually thankful that Perlmonks markup is mostly just HTML.

Can't we just have a setting that puts an implicite <code> and </code> around our postings?

Well, you could always change your node template to that in protest. Such a protest would have about as much impact on the rest of us as Coruscate's XP/reputation/voting protest, but we'd all know where you stand on the issue.

My first reaction when I read the description of these new changes is that the error checking is quite lenient. I suppose that's a good thing. If I had written the checker, it would probably just reject or escape anything that's not wellformed (in addition to anything that smacks of javascript), which would probably be a major annoyance to people who still write legacy HTML, of whom there are still quite a few out there I suspect, the number of years since XHTML was put forward notwithstanding. So, be happy that tye wrote it, because he did a pretty good job IMO of making the checker as lenient as could be reasonably hoped for. (There are people who would want no checker at all, but I think you understand why that would cause problems in practice.)

update: Heh. Sure, I say that, and then I see that the error reporting is showing an error in the perfectly cromulent markup that is my signature, crossing out the closing tag on my horizontal rule element. Probably because it's an empty element. Guess I'll switch to the newer XML-style of closing (at the end of the open tag) for empty elements. It's probably been chopping out my closing hr tag all along and I never noticed due to the lack of error reporting.

update2: Heh again. The XML-style closing / gets stripped out too, though it doesn't generate any warning at level 3. Next time I preview a new node I'll see whether it shows at level 4. Not that it matters, I suppose; it all gets doctyped at 4.0 Transitional anyway, so I don't think there's a single browser anywhere that actually cares about closing off empty elements. I was just closing them off on principle.

update3: Hmmm... What I *thought* I saw was that it actually got stripped. What I *actually* discovered is that View Selection Source in Mozilla does not give exactly the same source as View->Page Source does. The former shows <hr> and the latter shows <hr />. Weird.


$;=sub{$/};@;=map{my($a,$b)=($_,$;);$;=sub{$a.$b->()}} split//,".rekcah lreP rehtona tsuJ";$\=$ ;->();print$/

Replies are listed 'Best First'.
Re: Site HTML filtering, Phase II
by Abigail-II (Bishop) on Feb 11, 2004 at 14:54 UTC
    The only hard part is remembering which of the less common but harmless and useful HTML tags don't work.
    No, no, no. The hard part is finding out which elements are named the same in both HTML and Perlmonks, but act differently. <code> for instance means something else in HTML than in Perlmonks. But I still haven't figured out how the <a> element is working on Perlmonks. Sometimes, it creates a link. Sometimes it appears as is.

    That, and remembering the entity for escaping the left square bracket. (I usually just put code tags around it. Easier to remember.)
    Easier to remember, but not easier to type. Having to type 13 extra characters to be able to type a common character in Perl isn't what I say "easy". At least in POD, you only need three extra characters: C<[>. And in POD, you don't even have to put any markup around a function() or a $variable. POD knows.
    If you want to see some needlessly complicated and gratuitously different site markup, have a look at Wikipedia sometime.
    Actually, I've contributed some bits to Wikipedia the last week. I vastly prefer the [[link]] syntax over [link] as it means one can use unescaped left brackets if they aren't followed by another left bracket. [..] is common when discussing perl. [[..]] is a rare appearance in Perl code. I also prefer mechanisms like ''foo'' or *bar* to make something emphasized/italics or strong/bold, like Wikis or news/mail readers do.

    Abigail

      There is only one "tag" that behaves differently on PM vs elsewhere, and that is <code>. <readmore> is an additional pseudo-tag, but has no meaning in normal HTML. (In fact, we make use of the fact that it is meaningless in normal HTML.) I have no idea what behavior you're seeing with <a>; if you give me further information, I can attempt to explain. Perhaps you'll trying to put it in a place where all HTML is escaped.

      As to <code>[</code> being difficult to type, you're correct, it is. However, it's rare to mention the [ character all by it's lonesome. When you do, &#91; is not difficult to type, or to remember. Code tags are useful semantic information, and allow for better visual cues. Please, don't abuse them for formatting.

      Allowing input-as-POD, or another semi-plaintext format is easy to do wrong and difficult to do right. So far, we've done pretty well, I think, at not doing things wrong.

      Having a tag like code that says "things inside this tag are PODish" is an interesting idea, and I may get around to taking a look into it at some point, but many, many, many things are higher up on my todo list.


      Warning: Unless otherwise stated, code is untested. Do not use without understanding. Code is posted in the hopes it is useful, but without warranty. All copyrights are relinquished into the public domain unless otherwise stated. I am not an angel. I am capable of error, and err on a fairly regular basis. If I made a mistake, please let me know (such as by replying to this node).

        <a href = "http://people.ku.edu/~nkinners/LangList/Langs/P/PEARL1.htm">Try this. I've also have had problems in the past where the only way to get an <a> element to be accepted was to remove the spaces surrounding the =, but I can't remember exactly where I tried to link to, and I can't reproduce it.

        Abigail

        When you do, &#91; is not difficult to type, or to remember.

        I want to live in your universe.

        When I was an Initiate (and a Novice, and an Acolyte...), I kept &#91; on my scratchpad, so that I had an easy way to find it. However, I discovered that however I put it, it would either be visible when I viewed my scratchpad in a textedit box, or else it would be visible when I viewed it the regular way. So I put it both ways (with the ampersand escaped or not). I was hoping that eventually I would just remember it, but I keep getting it confused with the entity for single quote (which I *have* to remember, for non-Perl work-related reasons), confusing it with other random ASCII character numbers, and otherwise mixing it up and getting it wrong. So I had to consult my scratchpad for the correct number nearly every time.

        Eventually I needed my scratchpad for something else, so I gave up and started putting the left square bracket in code tags, which was so much easier (not having to consult my scratchpad every time I post anything) that I instantly became addicted to it. This is where I stood until this thread; now I have arranged to have the entity in my signature for easy reference :-)

        If there were an easy pseudoentity for it, such as &lbracket;, I would use that instead. Or maybe *eventually* I'll memorize the numerical code for left square bracket, but with all the other ASCII codes floating around in my head for one reason or another, that one has a tendency to get lost.

        I guess I don't use it quite often enough. Plus, numbers are much harder for me to remember than words.

        The real problem with escaping the left square bracket, though, is for newbies. The entity for it is (not surprisingly) not on *any* of the usual lists of HTML entities. It's not on the htmlhelp.com lists, not on the w3schools lists, nowhere. Nor is it documented in the FAQ here. You've got to drag out an ASCII chart. This is not newbie-friendly. update:Hmmm... It *is* listed in the "how to escape" thingy that's linked from preview, though; how come I never noticed that before? I could have saved myself all that messing around with my scratch pad.


        ;$;=sub{$/};@;=map{my($a,$b)=($_,$;);$;=sub{$a.$b->()}} split//,".rekcah lreP rehtona tsuJ";$\=$;[-1]->();print

      I have been quiet on this matter, but i have to pipe in and say that replacing [ .. ] with [[ .. ]] is a SPLENDID idea and you hit the nail on the head why it is a better fit for this site. (typing &#91; is a royal PITA!)

      There seems to be two major problems (barring having all pages be W3C compliant (X)HTML)

      1. newcomers not knowing how to format code sections
      2. folks using "unescaped" [ .. ] sequences, inadvertently producing potential Google hits to their array indices.
      I think that getting newcomers to use code tags will always be a problem ... but switching [ .. ] to [[ .. ]] should completely alleviate the need for "inline" code tags, such as $this->[$example].

      As for using POD ... newbies have a hard enough with programming, let alone Perl. Offer them POD and watch them run screaming ... maybe not a bad idea after all ...

      My stock answer for posting with POD is pod2html | perl -pe 'custom filters here' | tidy which has served me quite well for several of my larger, premeditated posts.

      jeffa

      L-LL-L--L-LL-L--L-LL-L--
      -R--R-RR-R--R-RR-R--R-RR
      B--B--B--B--B--B--B--B--
      H---H---H---H---H---H---
      (the triplet paradiddle with high-hat)
      

        Now all you have to do is convert a few hundred thousand nodes to this new standard... not a small number of which are nodes used to implement the site and that contain Perl code (sometimes in templates -- BTW, the templates use several flavors of square brackets for designating different types of code) and some of that code emits square brackets because it knows they'll be turned into links... well, and a few other tasks will also be required...

        Having written POD, I'm convinced that the problems with < and > would be worse with POD than the current problems with [ and ]. And I bet the problems with URLs would be worse as well (I've certainly heard several people get frustrated trying to make POD link to URLs). I find it mildly humorous that the problem of using C<...> to surround Perl code (which has lots of uses for < and >) was "improved" by adding support for C<< ... >>, since Perl code also has several uses for " <<" and " >>", and such uses rarely nest. But then I haven't had reason to study the new POD yet. And I'm not trying to bash POD. I like many things about POD.

        I also think PerlMonks should take a few good ideas from POD.

        And [[ ... ]] is a fine idea. We could even add support for it. But that won't do much good since it won't really help until we can remove support for [ ... ], and I doubt that is going to be in the ballpark of either quick or easy.

        I'll continue working on making this site work better. The handling of HTML(ish) and [ ... ] has improved quite a bit over the last few years and several more improvements are already begun. There are certainly still bugs and other room for improvement.

        [ ... ] parsing should probably be merged into the HTML filtering (since some people expect to not have to escape square brackets inside of links even though they have to escape them most other places at PerlMonks) and we already don't have to escape < and > most places, including inside of square brackets. There's a good chance I can do that without increasing the cost of the filtering considerably.

        I think new users should have "[possible link]" displayed as "[possible link]" so the problem of forgetting to encode your brackets is less severe. I think we should support &lsb; and &rsb;.

        I'd rather use [[...]], but I don't currently see a path to it that is worth persuing. This is probably where someone will suggest starting over. Feel free. It's a great idea and I'd love to see it happen. However, I have no interest in working on it myself.

        I'll be watching to see what schemes for solving the backward compatibility problem get posted, and the back of mind will be thinking about it as well.

        - tye        

      The hard part is finding out which elements are named the same in both HTML and Perlmonks, but act differently. <code> for instance means something else in HTML than in Perlmonks.

      code tags are something I use often enough that they're not hard to remember.

      But I still haven't figured out how the <a> element is working on Perlmonks.

      Hmmm. I haven't run into that one. As near as I can tell, it works like in regular HTML. Must be I just haven't tried the right (or wrong) thing yet.

      Easier to remember, but not easier to type.

      Agreed, I find having to escape the left square bracket annoying (I did say it was one of my two pet annoyances on pm, didn't I?), and doing the editing in a browser textarea control instead of a real editor doesn't help this any. Sometimes I'm tempted to do a whole post in Emacs and copy-and-paste it over. Sometimes I do that. I suppose the bracket syntax for perlmonks was taken from E2 and/or Wiki, but I've always wondered why the same things couldn't be done with angle brackets...

      How It IsHow It Could Have Been
      [jonadab] <node jonadab>
      [id://328276] <id 328276>
      [cpan://Net::Server::POP3] <cpan Net::Server::POP3>
      [Newest Nodes] <node Newest Nodes>
      [weird syntax >= escaping] <node "weird syntax >= escaping">

      However, retrofitting those changes now would be quite painful, as all existing nodes would be impacted (and that's ignoring developing and testing the code for the changes).

      At least in POD

      Please, no POD. I do *not* want to try deal with significant whitespace in a feature-impoverished browser textarea, and if you think getting newbies to use code tags and whatnot is hard with an HTML-like markup, just you think about trying to convince newbies who want help with PERL that they should post their question with POD markup. Gah. Gives me the heebie-jeebies just thinking about it.


      $;=sub{$/};@;=map{my($a,$b)=($_,$;);$;=sub{$a.$b->()}} split//,".rekcah lreP rehtona tsuJ";$\=$ ;->();print$/
        Please, no POD. I do *not* want to try deal with significant whitespace in a feature-impoverished browser textarea, and if you think getting newbies to use code tags and whatnot is hard with an HTML-like markup, just you think about trying to convince newbies who want help with PERL that they should post their question with POD markup. Gah. Gives me the heebie-jeebies just thinking about it.
        An option to post in POD doesn't mean a requirement to do so. If Perlmonks were to allow posts in POD and/or plain text, I'd imagine a drop down box, or a radio button next to the textarea to flag the format of the posting. Defaults could come from a user preference, or from the users last post. I'd also imagine a heuristic that classifies the posting with a great degree of accurancy, and relative simple ways for the poster to force a markup style if the guesser guesses wrong. (Say, a post starting with <html> is in HTML, a post starting with =\w+ is in POD, regardless how the rest of the post looks like).

        As for the significant whitespace thing, whitespace inside <code> is currently significant. Quite significant actually.

        Abigail

Re^2: Site HTML filtering, Phase II (</hr>)
by tye (Sage) on Feb 11, 2004 at 20:04 UTC
    The XML-style closing / gets stripped out too

    What? Yes, </hr> gets stripped now and didn't used to. But for some time now, <hr> has been changed to the XMLish <hr />.

    Oh, I see. There is a bug in that <hr /> can *report* (if you have error reporting set high enough) that the / was stripped when in fact it wasn't. I'll fix that soon.

    Thanks.

    - tye        

Re: Re: Site HTML filtering, Phase II
by theorbtwo (Prior) on Feb 11, 2004 at 16:52 UTC

    If you give me a list of tags, and where you think they should be allowed, I'll look at them. Can't promise more, I'm rather busy at present.


    Warning: Unless otherwise stated, code is untested. Do not use without understanding. Code is posted in the hopes it is useful, but without warranty. All copyrights are relinquished into the public domain unless otherwise stated. I am not an angel. I am capable of error, and err on a fairly regular basis. If I made a mistake, please let me know (such as by replying to this node).

      If you give me a list of tags, and where you think they should be allowed, I'll look at them. Can't promise more, I'm rather busy at present.

      Please don't feel like there's any urgency here. I didn't mean to be complaining. These are actually quite small annoyances. Still there are some entities that I do occasionally miss being able to use...

      • abbr and/or <acronym title="FOO">Foreign Optometrists' Organization</acronym>
      • <cite>Citation</cite>
      • <q>Short Quotation</q>. Maybe I'm being silly with this one, since we can still use traditional "quote marks".
      • deleted text. This is semantically pretty much the same as <strike>strikethrough</strike>, except that <strike> is deprecated and <del> isn't. Again, maybe I'm being silly with this one. (Sometimes it's hard for me to tell when I'm being silly or not about things like this.) If <del> were supported, it would make sense to also support inserted text, as they seem to go together.
      • It's tempting in some ways to add <style> to the list, but I can think of N ways in which it could be abused, so it's probably best left out.

      <cite> happens to be the one I've used most often, forgetting that it wasn't permitted, though <abbr> when I do miss it is somewhat more bothersome.

      As far as where they should be allowed, I'm not sure I understand the inner workings of the site well enough to say, other than that it's usually in an ordinary node body (such as either a root node or reply in SOPW, obfuscation, Meditations, ... you know, a regular node). I don't recall ever missing the ability to use any of these tags in a node title. Hmmm... in the chatterbox maybe though.


      ;$;=sub{$/};@;=map{my($a,$b)=($_,$;);$;=sub{$a.$b->()}} split//,".rekcah lreP rehtona tsuJ";$\=$;[-1]->();print