This week's book giveaway is in the Clojure forum.
We're giving away four copies of Clojure in Action and have Amit Rathore and Francis Avila on-line!
See this thread for details.
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

<HTML:TEXT> tag issue

 
Agur Dunit
Greenhorn
Posts: 24
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi!

I have an issue with the <HTML:TEXT> strus tag. The tag don't decodes the caracters coded in ascii. For example the <html:text name="userForm" property="comment" style="width:300px" styleClass="styleT"/> shows can't use instead of can't use if the property "comment" is setted in the action form to comment=can't. The apostrophe coded by ' is not decoded by this tag.

The <c : out value="${comment}" escapeXML=false> resolves the probleme but i have to conserve the equivalent syntax.

Is there any way to resolve the probleme?

Thank you for your help

>
 
Sagar Rohankar
Ranch Hand
Posts: 2905
1
Java Spring Ubuntu
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Honestly, dosen't get what you want to convey ? If you are facing problem in using " ' " (apostrophe) character then I suggest use escape character, like . If not then elaborate.
 
Agur Dunit
Greenhorn
Posts: 24
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The apostrophe is coded in the database with corresponding ascii code for security purpose. So, the escape caracter don't resolve the probleme!
 
Sagar Rohankar
Ranch Hand
Posts: 2905
1
Java Spring Ubuntu
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Then, don't use apostrophe ASCII character, simply while setting its form property, just replace that ASCII number with hardcoded " ' " character !
 
Agur Dunit
Greenhorn
Posts: 24
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
for security reasons we can't do that.
 
David Newton
Author
Rancher
Posts: 12617
IntelliJ IDE Ruby
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Then you'll have to un-escape it on the server side.

There's no "security issue" with escaping strings before saving to the DB--you don't need to encode single-quotes as ASCII to sanitize SQL.
 
Agur Dunit
Greenhorn
Posts: 24
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I will unescape in the server side; i think it's good solution.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic