On Wed, Jul 27, 2011 at 11:15 PM, Krishnakant Mane <[email protected]> wrote:
> Hello all.
> I have a requirement where a pylons action controller gets data fromm
> request.params["companyname"] and put it into an xml file at the server
> side.
> it has many other fields but here I am just making things simple.
> Now my problem is that when user enters special characters such as &, for
> example "mark & spencer " then the code fails.
> Obviously I think somewhere we need to convert this into cdata. Is there
> some way in which I instruct the request to send the values in cdata?
Where and how does it fail?
CDATA is not a way to protect against markup crashes. It's just a bulk
quoting mechanism to avoid having to quote individual & < > in a chunk
of text. But Pylons should automatically quote all the data values in
your outgoing template, so you don't need CDATA. Unless perhaps you're
trying to embed Javascript in an HTML file and the quoting rules are
getting too complex; but the answer there is to put the Javascript in
a separate file.
If you send a form to the user and they enter "mark & spencer" in a
text field, it should come back to you as a properly-formatted POST
document containing "mark & spencer". WebOb will automatically
decode that to u"mark & spencer" for you. You put that in a template
variable (c.name => ${name}), and Pylons/Mako's default filter
should convert that to "mark & spencer" in the output XML. If
that's not working, we need to know where exactly it's breaking down,
or what you're doing differently than this.
A very unlikely possibility is that the browser is returning
misformatted POST input, which is choking WebOb. But I have never seen
a browser do that.
--
Mike Orr <[email protected]>
--
You received this message because you are subscribed to the Google Groups
"pylons-discuss" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/pylons-discuss?hl=en.
