Hello,
Recently i created and Extension to Label that uses { and } as Markup
Delimiters to create a kind of safe Markup with a very limited set of
HTML-Tags like
{h3}Title{/h3}
{div}Hello{/div}
The purpose of this is to get rid of the setEscapeModelStrings(false) to
be found everywhere which is actually quite dangerous when combined with
user-input.
Now someone has combined my new Label with StringResourceModel which
uses the Syntax defined in MessageFormat which also uses { and } as
delimiting characters for its placeholders, for example
This is a {0} day.
Now both Formats collide but there would be an easy workaround if Wicket
would actually honor the possible escaping defined in MessageFormat, i
would just have to write
'{'div'}' This is a {0} day. '{'/div'}'
But StringResourceModel Line 478 escapes these ' in its code so the
resulting Text is actually
''{''div''}'' This is a {0} day. ''{''/div''}'' and the escaping for my
markup does not work anymore since the double single quotes are
interpreted as single single quote by the MessageFormat parser.
I would argue that StringResourceModel is doing the wrong thing here by
purposefully escaping the single quotes when it is not intended by the
user. I also have not found the reason why it does this in the first
place. Any suggestions or ideas?
Greetings,
Johannes Renoth
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
