RE: Evil characters causing mischief in textarea and value attribute contents

2003-09-18 Thread Andrew Hill 
Cheers.
Im not actually using jsp in this case, but rather modifying the contents of
an org.w3c.dom.Document tree and Im using a rather niave homebrew serialiser
to render the xhtml to the response stream. (as the one in xerces turned out
to be more than a bit inflexible when it came to extending it to handle some
PIs I needed to interpret at render time (which do happen to
requestdispatcher includes)).

I'll guess go and rip apart bean-write and get my serialiser (or my
renderers) to do what it does and see how it goes.


-Original Message-
From: Adam Hardy [mailto:[EMAIL PROTECTED]
Sent: Thursday, 18 September 2003 19:38
To: Struts Users Mailing List
Subject: Re: Evil characters causing mischief in textarea and value
attribute contents


Hi Andrew,
I thought, man, you don't know that? Hahaha - and then I realised I
don't know either.

I just checked my app to make sure it's not happening to me too, and
it's not. I have stuff like ""snowflake"" in the database and it gets
encoded automatically into

value="a html-busting "character""

via . Presumably  is the same.

If you have  you can add filter="true".


Adam

On 09/18/2003 12:36 PM Andrew Hill wrote:
> We have some screens that allow users to edit some stuff stored in the db,
> and some of this stuff includes such characters as " or \ or whatever, and
> also some of them have xml tags as there contents.
>
> When rendering such fields we are hitting some problems.
> ie: if the value is something like:
> my cats name is "snowflake"
>
> we end up with:
> 
>
> ...which of course is not very good.
>
> Another one is textareas containing !
>
> Whats the technique for handling this nicely?
> Obviously I need to escape these somehow. What do I need to consider?
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>

--
struts 1.1 + tomcat 4.1.27 + java 1.4.2
Linux 2.4.20 RH9


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Evil characters causing mischief in textarea and value attribute contents

2003-09-18 Thread Adam Hardy 
Hi Andrew,
I thought, man, you don't know that? Hahaha - and then I realised I 
don't know either.

I just checked my app to make sure it's not happening to me too, and 
it's not. I have stuff like ""snowflake"" in the database and it gets 
encoded automatically into

value="a html-busting "character""

via . Presumably  is the same.

If you have  you can add filter="true".

Adam

On 09/18/2003 12:36 PM Andrew Hill wrote:
We have some screens that allow users to edit some stuff stored in the db,
and some of this stuff includes such characters as " or \ or whatever, and
also some of them have xml tags as there contents.
When rendering such fields we are hitting some problems.
ie: if the value is something like:
my cats name is "snowflake"
we end up with:

...which of course is not very good.

Another one is textareas containing !

Whats the technique for handling this nicely?
Obviously I need to escape these somehow. What do I need to consider?
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

--
struts 1.1 + tomcat 4.1.27 + java 1.4.2
Linux 2.4.20 RH9
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Evil characters causing mischief in textarea and value attribute contents

2003-09-18 Thread Andrew Hill 
We have some screens that allow users to edit some stuff stored in the db,
and some of this stuff includes such characters as " or \ or whatever, and
also some of them have xml tags as there contents.

When rendering such fields we are hitting some problems.
ie: if the value is something like:
my cats name is "snowflake"

we end up with:


...which of course is not very good.

Another one is textareas containing !

Whats the technique for handling this nicely?
Obviously I need to escape these somehow. What do I need to consider?


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]