GNOME Bugzilla – Bug 485701
Angle brackets (< and >) not escaped in HTML formula alt text
Last modified: 2015-12-30 11:14:56 UTC
Using less-than or greater-than signs in equations breaks the HTML output, because the alt text for the equation image doesn't escape ">" to ">" and "<" to "<". The result is that the browser can interpret them as HTML tag delimiters and the page rendering screws up. This probably hasn't been noticed because (for Gecko browsers at least) not escaping angle brackets is "usually" tolerated, but using a custom HTML header can trigger rendering errors. Unfortunately this makes it hard to reproduce, but you can check the effect with a problem page at http://projects.hepforge.org/rivet/code/dev/unescaped.html (which breaks for me with Firefox 2.0.0.7). I've verified that using the HTML entities in place of < and > fixes the rendering problems.
This bug's version was set to "latest". Since this is a moving target, I changed it to 1.5.3-SVN. If you believe this has already been fixed, then please change the status accordingly.
Is this problem still relevant or has it been solved by the browsers in their more recent versions? I see that the < sign is still in the ALT text but none of the recent browsers (FireFox, IE9, Chrome, Opera) I tried had a problem with it. If still relevant please attach a self-contained example (source+config file in a zip or tar) if possible and specify the browser that has been used.
This problem is still relevant. I am having issues in Google Chrome and Firefox (versions included in latest Ubuntu 15.04). The problem appears when using formulas with `<` and `>` symbols. For example, ` /** * Computes the concave membership function evaluated at @f$x@f$ * @param x * @return @f$\begin{cases} * h \times (e - i) / (2e - i - x) & \mbox{if $i \leq e \wedge x < e$ (increasing concave)} \cr * h \times (i - e) / (-2e + i + x) & \mbox{if $i > e \wedge x > e$ (decreasing concave)} \cr * h & \mbox{otherwise} \cr * \end{cases}@f$ * * where @f$h@f$ is the height, * @f$i@f$ is the inflection of the curve, * @f$e@f$ is the end of the curve */ virtual scalar membership(scalar x) const FL_IOVERRIDE; ` To reproduce, please run doxygen in the following repository: `git clone -b documentation https://github.com/fuzzylite/fuzzylite.git` The `Doxyfile` is in root. You will require LaTeX, graphviz, dot. After running doxygen, please search in doxygen's generated web browser for any of the following classes: `Concave`, `Threshold`, or `Cosine`. In each of these classes, the following error in a pink box appears at the top of the page: ` This page contains the following errors: error on line 475 at column 127: Unescaped '<' not allowed in attributes values Below is a rendering of the page up to the first error. `
A fix to this bug has been submitted in pull request #365: `https://github.com/doxygen/doxygen/pull/365`
Problem appears only in case of xhtml as output format. As side remark why do you use \le and < and not \le and \lt
Thanks for your response. I searched for commands replacing `<` and `>`, but all I found was \textless and \textgreater, which work only in text mode, not in math mode. What LaTeX package includes \lt and \gt? ! Undefined control sequence. l.6 $a \lt b$
I didn't have a Latex package at hand so by head I thought \lt would be in by default as well, but is apparently not.
You could create the commands as: \newcommand{\lt}{\ensuremath{<}} \newcommand{\gt}{\ensuremath{>}} but this is not standard LaTeX, and then where would you write them? The requested merge would make the escaping of XML exactly like Qt::escape (<v5.0) and QString.toHtmlEscaped() methods. In the documentation, the arguments against escaping `<` and `>` are due to performance issues, but I reckon the performance hit would be marginal at best (if any).
Thanks, I've merged the pull request
This bug was previously marked ASSIGNED, which means it should be fixed in doxygen version 1.8.11. Please verify if this is indeed the case. Reopen the bug if you think it is not fixed and please include any additional information that you think can be relevant (preferably in the form of a self-contained example).
Hi, I can confirm the bug has been fixed in the version 1.8.11. For future reference, the issues I ran into can be reproduced as follows: (1) Get commit https://github.com/fuzzylite/fuzzylite/commit/aa2155b9c79bc49834a7a21e434bcf4a33b630aa (2) run doxygen versions earlier than 1.8.11 (3) open in browser the documentation for any of the following classes: `Concave`, `Threshold`, or `Cosine` Thanks.