Automatic escaping should be an option.
Right now you are forcing the client to implement escaping in EVERY
location where a -href (or any other attribute, for that matter) is
passed to SVG. It smells of broken abstraction - I want to talk to an
SVG generator, not to some low-level XML-emitting module which deals
with raw bytes. To make things worse, the signature of xmlescp was
changed between 2.49 and 2.50, so it is not easy to safely apply your
proposed workaround.
On Fri Sep 21 08:19:04 2007, RONAN wrote:
Show quoted text> This is by design, not a bug.
>
> It is up to the implementer to escape their own strings when they want
> to, and I can not assume what they want. Early versions of the module
> used to automatically escape characters and too many people (correctly)
> complained, so I took it out.
>
> If the user insists on sending unescaped text, then I assume that the
> user knows what they want.
>
>
> The module has an xml-escaping method $svg->xmlescp($string) to assist
> people who want escaping. Refer to the POD for assistance for versions
> after 2.26.
>
> Ronan