śr., 24 cze 2026 o 11:31 Greg Huber <[email protected]> napisał(a): > > Looking into this, basically you cannot use escapeHtml=false and > escapeJavaScript=true and have <b></b> <strong></strong> <em></em> etc > work. There is too much of an overlap between > what StringEscapeUtils.escapeEcmaScript(result) does trying to escape > slashes with html slashes (ie you get <b><\/b>, an unterminated <b> > which messes with the layout). > > Guess I will need remove escapeHtml=false. > > https://struts.apache.org/tag-developers/property-tag > > Maybe there should be a warning on the escapeHtml tag text not to set to > false without setting escapeJavaScript=true, otherwise it will execute > the "script" in the response.
Does this sound good? https://issues.apache.org/jira/browse/WW-5639 Cheers Łukasz --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
