[Mailman-Users] ISO-8859-1/Latin1 vs UTF-8
Bernd Petrovitsch
bernd at firmix.at
Mon Oct 24 20:05:00 CEST 2005
On Mon, 2005-10-24 at 09:52 -0700, Mark Sapiro wrote:
[...]
> As Brad points out in another reply, some of this problem is because
> all text entered in the web interface (except for General
> Options->info which is a special case) is HTML escaped to prevent XSS
> attacks. Mailman arguably goes overboard on this, but the 4 characters
Which is a good thing.
> '&' '<' '>' and '"' are changed respectively to &, <, > and
> " by Python's cgi.escape() method.
Makes sense.
Hmm, mailman could replace that four chars with the ASCII chars just for
plain/text parts od sent out emails. That should not open any security
hole and yield real plain/text.
> Thus, you can't even enter ö and have it work in HTML or plain
> text.
Yes, of course, these are two distinct issues. Sorry for confusion.
> You can convert Mailman to use utf-8 for German language, but this will
> not solve the html escaping issue. If you are interested in converting
> to utf-8, there is relevant information in the archives of this list.
I actually reported a bug (though it may not sound so): I enter
(apparently) UTF-8 text (with Firefox it that is important) and it comes
back disguised (and as part of) ISO-8859-1 text.
The question is: Which part is doing something wrong and how to fix it?
Bernd
--
Firmix Software GmbH http://www.firmix.at/
mobil: +43 664 4416156 fax: +43 1 7890849-55
Embedded Linux Development and Services
More information about the Mailman-Users
mailing list