Script contents should be enclosed in CDATA section for XML documents ---------------------------------------------------------------------
Key: SHALE-488 URL: https://issues.apache.org/struts/browse/SHALE-488 Project: Shale Issue Type: Improvement Components: Validator Affects Versions: 1.0.4 Environment: XML content types, including XHTML Reporter: Jeff Tsay When the validator script gets rendered, it outputs raw Javascript inside the <script> tags. The Javascript includes characters like & which need to be escaped or in a CDATA section in XML. For XUL or XHTML, this is a problem. I guess that XHTML parsers are more lenient about this so that's why the problem never showed up? Anyway the fix, which was also suggested by Gary VanMatre, was to enclose the script contents in an XML CDATA section. So in src/main/java/org/apache/shale/validator/faces/ValidatorScript.java I have: private void writeScriptStart(ResponseWriter writer) throws IOException { writer.startElement("script", this); writer.writeAttribute("type", "text/javascript", null); writer.writeAttribute("language", "Javascript1.1", null); writer.write("\n"); // jtsay added // Enclose XML in CDATA so special characters can be used without escaping. if (!"text/html".equals(writer.getContentType())) { writer.write("<![CDATA[\n"); } } and private void writeScriptEnd(ResponseWriter writer) throws IOException { // jtsay added if (!"text/html".equals(writer.getContentType())) { writer.write("\n]]>\n"); } writer.write("\n"); writer.endElement("script"); } This assumes if we are not rendering text/html, we must be rendering some sort of XML. Sound reasonable? -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.