Feature #24662

Add option to remove trailing whitespace on saving wiki pages

Added by David Lukas Müller 12 months ago. Updated 11 months ago.

Status:NewStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Text formatting
Target version:-
Resolution:

Description

Formatting non-trivial tables with many rows and columns in Textile is very prone to formatting errors when trailing whitespace is inserted unintentionally after the trailing pipe symbol "|".

To illustrate this consieder the following table

|_. row |_. A |_. B |
| 1 | a1 | b1 |
| 2 | a2 | b2 |
| 3 | a3 | b3 |

If written as intended without trailing whitespace everything looks good, ...

row A B
1 a1 b1
2 a2 b2
3 a3 b3

... but the layout is destroyed when trailing whitespace is added (unintentionally) at the end of the second row:

row A B
1 a1 b1
2 a2 b2
3 a3 b3

Since I cannot figure out real use cases for meaningful trailing whitespaces, I would suggest to add an checkbox

[ ] remove trailing whitespace on save

near the "Save" and "Preview" buttons when editing a wiki page.

History

#1 Updated by Go MAEDA 12 months ago

David Lukas Müller wrote:

Since I cannot figure out real use cases for meaningful trailing whitespaces,

I think there is no problem even if Redmine always deletes trailing white spaces.

#2 Updated by Jean-Philippe Lang 12 months ago

Another option would be to ignore trailing spaces when parsing tables.

#3 Updated by Jean-Philippe Lang 12 months ago

Jean-Philippe Lang wrote:

Another option would be to ignore trailing spaces when parsing tables.

Actually, it was done in 3.2.0 (#18223). Which version are you using?

#4 Updated by David Lukas Müller 12 months ago

I am using Redmine 3.2.2.stable and observed the described problem. So the solution to problem #18223 (introduced in version 3.2.0) might have problems or might be insufficient in version 3.2.2.

Therefore I would suggest stripping trailing whitespace (spaces, tabs, ...) on save in any case.

Also keep in mind that any input validation regarding security concerns (XSS Cross Site Scripting) can be implemented in a more secure and robust manner on normalized input than by extending the parser to all considered (in contrast to all possible) input variations.

#5 Updated by Jean-Philippe Lang 11 months ago

David Lukas Müller wrote:

I am using Redmine 3.2.2.stable and observed the described problem. So the solution to problem #18223 (introduced in version 3.2.0) might have problems or might be insufficient in version 3.2.2.

I can't reproduce this problem with the current 3.2-stable.

Therefore I would suggest stripping trailing whitespace (spaces, tabs, ...) on save in any case.

Also keep in mind that any input validation regarding security concerns (XSS Cross Site Scripting) can be implemented in a more secure and robust manner on normalized input than by extending the parser to all considered (in contrast to all possible) input variations.

As you can read on the same page: "Input Validation is NOT the primary method of preventing XSS, SQL Injection. These are covered in output encoding and related cheat sheets.". On rendering, we don't assume that data is "normalized" in any way just because it comes from the database.

Also available in: Atom PDF