The Stripes OOTB validation error message formats look like this: converter.number.invalidNumber=The value ({1}) entered in field {0} must be a valid number
Somehow, when the framework does what it does for a simple <stripes:errors/> tag, the user-supplied value is correctly HTML-escaped on its way to the page. However, I know that it's possible to embed markup into the message strings (even though I find that a deeply troubling practice), so that: converter.number.invalidNumber=The value ({1}) entered in field {0} <b>must</b> be a valid number would do the right thing, correctly escaping the bogus form value but not incorrectly escaping the markup in the message template. This suggests to me that Stripes, when preparing the error messages, at some point knows to HTML-escape the field values. I can't find any place in the source that does that, but the way the validation error mechanism works is somewhat dizzying. So, is that what happens? I ask because some code I've got, code that itself extracts ValidationError instances from action bean results, does not seem to benefit from this sort of intelligent parameter escaping. -- Turtle, turtle, on the ground, Pink and shiny, turn around.
------------------------------------------------------------------------------ uberSVN's rich system and user administration capabilities and model configuration take the hassle out of deploying and managing Subversion and the tools developers use with it. Learn more about uberSVN and get a free download at: http://p.sf.net/sfu/wandisco-dev2dev
_______________________________________________ Stripes-users mailing list Stripes-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/stripes-users