Item11501: Change the encoding

expandCommonVariables was doing too much.   Change to use the safe
encoding regex from ENCODE .pm

git-svn-id: http://svn.foswiki.org/branches/Release01x01@13925 0b4bb1d4-4e5a-0410-9cc4-b2b747904278

UnitTestContrib/test/unit/RegisterTests.pm

@@ -911,17 +911,22 @@ sub verify_rejectEvilContent {
     }
     catch Foswiki::OopsException with {
         my $e = shift;
-        $this->assert_str_equals( "200", $e->{status},
-            $e->stringify() );
-        $this->assert_matches( qr/.*Comment: %3cblah%3e.*Organization: %3cscript%3eBad%20stuff%3c\/script%3e/ms, $FoswikiFnTestCase::mails[0] );
+        $this->assert_str_equals( "200", $e->{status}, $e->stringify() );
+        $this->assert_matches(
+qr/.*Comment: <blah>.*Organization: <script>Bad stuff<\/script>/ms,
+            $FoswikiFnTestCase::mails[0]
+        );
 
         my ($meta) = Foswiki::Func::readTopic( $Foswiki::cfg{UsersWebName},
             $this->{new_user_wikiname} );
         my $text = $meta->text;
         $meta->finish();
-        $this->assert_matches( qr/.*Comment: %3cblah%3e.*Organization: %3cscript%3eBad%20stuff%3c\/script%3e/ms, $text );
+        $this->assert_matches(
+qr/.*Comment: <blah>.*Organization: <script>Bad stuff<\/script>/ms,
+            $text
+        );
 
-    return;
+        return;
 
     }
     catch Foswiki::AccessControlException with {

core/lib/Foswiki/UserMapping.pm

@@ -581,7 +581,8 @@ sub validateRegistrationField {
 #my $value = Foswiki::Macros::ENCODE->ENCODE( $session, { type => 'safe', _DEFAULT => $_[2] } );
 #print STDERR "Encoding $_[1] as $value\n";
 
-        $_[2] = Foswiki::Func::expandCommonVariables("%ENCODE{\"$_[2]\"}%");
+        # This is the "safe" encode in ENCODE.pm
+        $_[2] =~ s/([<>%'"])/'&#'.ord($1).';'/ge;
     }
 
     # Don't allow html markup in any other fields.