I have a few questions about this.
If I change to:
interface Template extends SafeHtmlTemplates {
@Template("<img src=\"{0}\"/>")
SafeHtml img(SafeUri safeUri);
}
1. How does the template know to call asString() on the safeUri
instance?
2. With this change I now have the same problem but in the SafeUri
implementation. How do I take a URL variable and sanitize it so it's
safe? Or because these URL's come from the server can I just declare
them safe by convention.
3. How do I get rid of the compiler warning? Once I've manually made
these safe is there a way to annotate the @Template usage so the
compiler knows it's safe?
Thanks,
-Dave
On Mar 20, 2:53 pm, Jens <[email protected]> wrote:
> You should use GWT's UriUtils to construct a SafeUri and your template
> method should then take a SafeUri as parameter instead of a string.
>
> -- J.
>
> Am Dienstag, 20. März 2012 20:22:59 UTC+1 schrieb dhoffer:
>
>
>
>
>
>
>
>
>
> > I get the following error:
>
> > [INFO] Generating method body for img()
> > [INFO] [WARN] Template with variable in URL attribute context: The
> > template code generator cannot guarantee HTML-safety of the template
> > -- please inspect manually or use SafeUri to specify arguments in a
> > URL attribute context
>
> > Using this code template
>
> > interface Template extends SafeHtmlTemplates {
> > @Template("<img src=\"{0}\"/>")
> > SafeHtml img(String url);
> > }
>
> > What's the right way to make this HTML safe? The url string is
> > provided by the application not end users of the application. However
> > I'd like to not have build warnings of this type.
>
> > -Dave
--
You received this message because you are subscribed to the Google Groups
"Google Web Toolkit" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/google-web-toolkit?hl=en.
