Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Major
Fix Version/s: 6.4-milestone-1
Affects Version/s: 2.5, 2.5.1, 2.6 RC1, 2.6 RC2, 2.6, 2.7 RC1
Component/s: Old Core
Labels:
- bugfixingday

keywords:
translations
Difficulty:
Easy
Documentation:
N/A
Documentation in Release Notes:
N/A
Similar issues:

Description

Many translations contain velocity code which is interpreted on page view, for example, viewattachmentstitle is defined in core/xwiki-core/src/main/resources/ApplicationResources.properties as:

viewattachmentstitle=Attachments for <em>$doc.displayTitle</em>

and used in templates/editattachments.vm as follows:

<h1><span>$xwiki.parseMessage("viewattachmentstitle")</span></h1>

This causes several problems:

Some translations rely on the presence of some velocity variables and will not work in other places
Some embedded velocity code is not properly escaped (and cannot be escaped correctly when used, this causes some escaping tests failures)
It is possible to contribute translations with embedded malicious velocity scripts, since the translations are usually not thoroughly reviewed by the developers
Some translations use embedded velocity code only in a couple of languages (probably leftovers)

A list of translation keys containing some velocity code:

Translation key             | Number of affected translations
----------------------------+--------------------------------
adminglobalrights           | 1
adminspacerights            | 1
availableversionsattachment | 23
downloadthisattachment      | 1
editFullScreen              | 1
editgroupsredirect          | 20
editincludepagemsgmore      | 20
editincludepagemsgone       | 21
editpageTitle               | 21
editRights                  | 1
editusersredirect           | 20
myhomepage                  | 22
nousername                  | 1
register                    | 1
revisiondoesnotexist        | 19
simpleedittoolbardesc       | 1
simpleedittoolbardesc2      | 21
validationerror             | 22
viewattachmentstitle        | 21
viewcode                    | 1
viewcodetitle               | 21
viewcommentstitle           | 23
viewhistorytitle            | 22
viewinformationtitle        | 18
youcanclicktoedit           | 22

We should fix those translations to use placeholders instead of velocity code.

The list was generated using the following zsh/perl script:

fgrep '$' -h {,../../enterprise/trunk/}((*~target*)/)#(*~(version|xwiki|radeox_markup_xwiki)).properties \
| sed 's/=.+$/ /' | sort \
| perl -e '$s = ""; $cnt = 0; while (<>) {
      chomp;
      if ($s ne $_) { if ($cnt != 0) { printf("%s: %d\n", $s, $cnt); } $s = $_; $cnt = 1
      } else { $cnt++; } }; printf("%s: %d\n", $s, $cnt)' \
| column -t

Attachments

Issue Links

is related to

XWIKI-6109 Warning in the log when opening a page that does not exists

Closed

relates to

XWIKI-5725 Deprecate XWiki#parseMessage

Closed

Activity

People

Assignee:: Thomas Mortagne

Reporter:: Alex Busenius

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 12/Nov/10 16:02

Updated:: 13/Nov/14 15:38

Resolved:: 13/Nov/14 15:37

Date of First Response:: 17/Nov/10 6:05 PM