[
http://issues.apache.org/jira/browse/MYFACES-1396?page=comments#action_12460231
]
Paul Spencer commented on MYFACES-1396:
---------------------------------------
When I add the following to the outputText test case:
<h:outputText id="escape" escape="true" value="10 > 5" />
<h:outputText value=" | " />
<h:outputText id="notEscape" escape="false" value="10 > 5" />
<h:outputText value=" | " />
<h:outputText id="utf8charEscaped" value="äüöß" escape="true" />
<h:outputText value=" | " />
<h:outputText id="utf8charNotEscaped" value="äüöß" escape="false" />
<h:outputText value=" | " />
<h:outputText id="utf8char" value="äüöß" />
<h:outputText value=" | " />
<h:outputText id="utf8charInEscapedFormat"
value="äüöß" escape="false" />
I get the following output running MyFaces 1.1.5-SNAPSHOT
<span id="escape">10 &gt; 5</span>
|
<span id="notEscape">10 > 5</span>
|
<span id="utf8charEscaped">����</span>
|
<span id="utf8charNotEscaped">����</span>
|
<span id="utf8char">����</span>
|
<span id="utf8charInEscapedFormat">äüöß</span>
I get the following output running Sun's RI
<span id="escape">10 &gt; 5</span>
|
<span id="notEscape">10 > 5</span>
|
<span id="utf8charEscaped">����</span>
|
<span id="utf8charNotEscaped">����</span>
|
<span id="utf8char">����</span>
|
<span id="utf8charInEscapedFormat">äüöß</span>
So I see the following problem:
Escaping, or not defining the escape attribute, incorrectly converts
international characters to their numeric or mnemonic value.
> Too much escaping
> -----------------
>
> Key: MYFACES-1396
> URL: http://issues.apache.org/jira/browse/MYFACES-1396
> Project: MyFaces Core
> Issue Type: Bug
> Components: General
> Reporter: Tomas Fischer
> Assigned To: Martin Marinschek
> Priority: Blocker
> Attachments: test.jsf
>
>
> HTMLOutputText (which delegates to HTMLEncoder) escapes not only XML-invalid
> charactres (like <, >, &), but also german umlauts. This is OK if generating
> (X)HTML, but not OK if generating XML. However, according to the official
> documentation to the outputText Tag the german umlauts should not be quoted:
> If the "escape" attribute is not present, or it is present and its value is
> "true" all angle brackets should be converted to the ampersand xx semicolon
> syntax when rendering the value of the "value" attribute as the value of the
> component.
> There is an automatic XML detection, but this is broken, as only predefined
> MIME-types are recognized (application/xhtml+xml, application/xml, text/xml).
> This bug prevents using JSF for generating other content (e.g. SVG, MIME-type
> image/svg+xml).
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
