Re: Don't escape my html string...

Fri, 24 Dec 2010 07:25:15 -0800 

Ok, I think I've got it. I didn't realise that ClickableTextCell can
now (in 2.1) take a SafeHtmlRenderer as an argument, and in turn that
object can render the html just the way I want



                Column<ClientModel, String> clickColumn = new 
Column<ClientModel,
String>(
                                new ClickableTextCell(
                                                new SafeHtmlRenderer<String>() {

                                                        @Override
                                                        public void 
render(String result, SafeHtmlBuilder builder) {
                                                                
builder.appendHtmlConstant(result);
                                                        }

                                                        @Override
                                                        public SafeHtml 
render(String result) {
                                                                return 
SafeHtmlUtils.fromTrustedString(result);
                                                        }
                                                }
                                )
                )
                {

                        @Override
                        public String getValue(ClientModel model) {
                                return model == null ? null : 
model.getDisplayName();   // THIS
STRING IS TRUSTED FOR HTML INJECTION, BUT CAN CONTAIN <em> ELEMENTS
                        }

                };








On Dec 24, 12:47 pm, Paul Schwarz <[email protected]> wrote:
> Hi all,
>
> I am aware of the new SafeHtml facilities of GWT 2.1.
>
> I have a case where I am using a CellTable and have a column that
> takes a ClickableTextCell to render a string. The strings I want to
> render come from a trusted source (nearby within the same method) and
> contain <em> tags which are on the whitelist of the sanitizer.
>
> Here is a simplified version of my code:
>
>                 Column<ClientModel, String> clickColumn =
>                         new Column<ClientModel, String>(new 
> ClickableTextCell()) {
>                         @Override
>                         public String getValue(ClientModel model) {
>                                 String output = model.getName() + " <em>" + 
> model.getDesc() + "</
> em>";
>                                 return output;
>                         }
>                 };
>
> I have tried all sorts of things instead of my "return output;" such
> as:
>         return SafeHtmlUtils.fromTrustedString(output);
>
> ... but I keep getting literally "XYZ <em>a little description</em>"
> output on the screen.
>
> Two solutions:
> 1) figure out how to get GWT to trust my html and output actual html
> 2) figure out how to use the template/builder/util of the SafeHtml
> mechanism properly to help me in this instance
>
> I'm making no real progress with either, please help!

-- 
You received this message because you are subscribed to the Google Groups 
"Google Web Toolkit" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/google-web-toolkit?hl=en.

Reply via email to