Remove SafeText from url so it can be escaped #2222

Providence-o · 2025-09-22T13:45:30Z

format_html marks the url string as a SafeText which prevents it from being escaped when the html is rendered

thibaudcolas

@Providence-o thank you for giving this a go! This fixes #2131 but reintroduces another issue, which is that alt_text needs to have some escaping done still, at least for double quotes.

Here is what arrives in my clipboard if I use the "Raw HTML" copy button for an image with alt text Green events "tools":

<img src="/m/blog/images/2025/10/green_events_tools.png" alt="Green events "tools"">

This is now invalid HTML since there are double quotes inside alt. Instead, we would want:

<img src="/m/blog/images/2025/10/green_events_tools.png" alt="Green events &quot;tools&quot;">

Remove SafeText from url so it can be escaped

7c1ff73

Providence-o force-pushed the html-escape branch from de3d219 to 7c1ff73 Compare September 22, 2025 13:48

thibaudcolas reviewed Oct 7, 2025

View reviewed changes

thibaudcolas added the blog label Oct 7, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Remove SafeText from url so it can be escaped #2222

Remove SafeText from url so it can be escaped #2222

Providence-o commented Sep 22, 2025

Uh oh!

thibaudcolas left a comment

Uh oh!

Uh oh!

Uh oh!

Remove SafeText from url so it can be escaped #2222

Are you sure you want to change the base?

Remove SafeText from url so it can be escaped #2222

Conversation

Providence-o commented Sep 22, 2025

Uh oh!

thibaudcolas left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!