Okay that makes sense, thanks for the help! -Dave
On Mar 21, 9:48 am, Thomas Broyer <[email protected]> wrote: > On Wednesday, March 21, 2012 4:15:10 PM UTC+1, dhoffer wrote: > > > I have a few questions about this. > > > If I change to: > > > interface Template extends SafeHtmlTemplates { > > @Template("<img src=\"{0}\"/>") > > SafeHtml img(SafeUri safeUri); > > } > > > 1. How does the template know to call asString() on the safeUri > > instance? > > SafeHtmlTemplates knows about SafeUri (remember the warning it outputs when > you use String? ;-) ) > > > 2. With this change I now have the same problem but in the SafeUri > > implementation. How do I take a URL variable and sanitize it so it's > > safe? > > UriUtils.fromString()http://google-web-toolkit.googlecode.com/svn/javadoc/latest/com/googl...) > > > Or because these URL's come from the server can I just declare > > them safe by convention. > > No. Only those URLs that are hard-coded in your client-side app can be > trusted. > > > 3. How do I get rid of the compiler warning? Once I've manually made > > these safe is there a way to annotate the @Template usage so the > > compiler knows it's safe? > > The only way to shut the generator up is to use SafeUri and SafeStyles when > it tells you to do so. -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
