From: Leon Messerschmidt [mailto:[EMAIL PROTECTED]]
> Geir :
> > But what if I want to insert :
> >
> > <parent>
> > $xmlblob
> > </parent>
> >
> > where
> >
> > $xmlblob is "<child>William</child>"
> >
> > Then the listener approach screws things up too, right?
>
> If you are going to insert an raw xml blob then you would
> probably be able
> to assume that the blob of XML will be valid xml as generated
> by the xml
> source. Otherwise it can't be called an XML blob - just some
> text with
> random tags that looks like XML. You don't need to set the
> listener for
> these.
Ah. So you *would* have to contextually switch the listener on and off?
> > Now,
> >
> > <text>#escape("<>")</text>
> >
> > is disliked for some reason. Don't understand why yet.
>
>
> 1. I have template designers that will forget to call
> #escape(). I am
> willing to bet money on that. The showstopper is that with
> 99% of the cases
> it'll work not to call #escape. Only when somebody actually enters an
> entity will the bug show up. It is very hard to track
> forgotten #escape's.
But what if they forget to swtich the listener on and off? same deal,
right?
>
> 2. Because the XML parser stops with an exception it is not
> an issue of
> just an artefact on the screen. A customer will see an error
> screen even a
> possible java stack trace just because he entered a string
> containing an
> entity.
Same problem if you forget to switch the listener...
> 3. It makes your template very ugly to call #escape for EACH
> insert. You
> also need to have the #escape macro littering all your
> templates. I'd like
> to keep tempaltes as simple as possible.
You are going to have to turn the listener on and off for EACH insert,
right?
> > What about
> >
> > #macro( node $tag $attr $text)
> > #if ($text.length() > 0)
> > <$tag $attr />
> > #else
> > <$tag $attr>#escape($text)</$tag>
> > #end
> > #end
> >
> > so
> >
> > #node( "text" "" "<>")
> >
> > Not as readable, I guess, but does guarantee closed nodes,
> I guess :)
>
> Isn't this defying the purpose of a template in the first
> place :-) It is
> starting to look a bit like ECS :-)
>
> > Just thinking out loud here.
>
> Don't get me wrong. I really appreciate your time.
And please understand that I am not just screwing around arguing with all of
you. What I can't seem to personally understand if how this would really
work, in real life, w/o having to do all the things you are claiming you
don't want to do.
If you have to switch the listener on and off each time, and that is
acceptable, there is nothing that prevens you adding the listener to a
wrapper for your stream, right?
To be transparent in what I am trying to do : I am trying to see if we can
avoid adding complexity to the velocity core if numerous 'external'
solutions already exist.
This is a creative and talented bunch...
geir
