Feature #24662
open
Add option to remove trailing whitespace on saving wiki pages
Added by David Lukas Müller almost 8 years ago.
Updated almost 8 years ago.
Description
Formatting non-trivial tables with many rows and columns in Textile is very prone to formatting errors when trailing whitespace is inserted unintentionally after the trailing pipe symbol "|".
To illustrate this consieder the following table
|_. row |_. A |_. B |
| 1 | a1 | b1 |
| 2 | a2 | b2 |
| 3 | a3 | b3 |
If written as intended without trailing whitespace everything looks good, ...
row |
A |
B |
1 |
a1 |
b1 |
2 |
a2 |
b2 |
3 |
a3 |
b3 |
... but the layout is destroyed when trailing whitespace is added (unintentionally) at the end of the second row:
row |
A |
B |
1 |
a1 |
b1 |
2 |
a2 |
b2 |
3 |
a3 |
b3 |
Since I cannot figure out real use cases for meaningful trailing whitespaces, I would suggest to add an checkbox
[ ] remove trailing whitespace on save
near the "Save" and "Preview" buttons when editing a wiki page.
David Lukas Müller wrote:
Since I cannot figure out real use cases for meaningful trailing whitespaces,
I think there is no problem even if Redmine always deletes trailing white spaces.
Another option would be to ignore trailing spaces when parsing tables.
Jean-Philippe Lang wrote:
Another option would be to ignore trailing spaces when parsing tables.
Actually, it was done in 3.2.0 (#18223). Which version are you using?
I am using Redmine 3.2.2.stable and observed the described problem. So the solution to problem #18223 (introduced in version 3.2.0) might have problems or might be insufficient in version 3.2.2.
Therefore I would suggest stripping trailing whitespace (spaces, tabs, ...) on save in any case.
Also keep in mind that any input validation regarding security concerns (XSS Cross Site Scripting) can be implemented in a more secure and robust manner on normalized input than by extending the parser to all considered (in contrast to all possible) input variations.
David Lukas Müller wrote:
I am using Redmine 3.2.2.stable and observed the described problem. So the solution to problem #18223 (introduced in version 3.2.0) might have problems or might be insufficient in version 3.2.2.
I can't reproduce this problem with the current 3.2-stable.
Therefore I would suggest stripping trailing whitespace (spaces, tabs, ...) on save in any case.
Also keep in mind that any input validation regarding security concerns (XSS Cross Site Scripting) can be implemented in a more secure and robust manner on normalized input than by extending the parser to all considered (in contrast to all possible) input variations.
As you can read on the same page: "Input Validation is NOT the primary method of preventing XSS, SQL Injection. These are covered in output encoding and related cheat sheets.". On rendering, we don't assume that data is "normalized" in any way just because it comes from the database.
Also available in: Atom
PDF