Hi Jon,

This looks great because the default JSP <bean:write> tag behavior is to
filter and we can mimic the same default behavior in Velocity. So my
next question is how do I go about compiling this utility class and making it
work with Velocity?

-----Original Message-----
From: Jon Scott Stevens [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 15, 2002 1:39 PM
To: velocity-dev
Subject: Re: HTML escape sequence filtering (is there a tool for that?)


on 7/15/02 6:43 AM, "Ed Yu" <[EMAIL PROTECTED]> wrote:

> I'm looking into JSP migration to Velocity. There is one feature that
> the <bean:write ... filter="true"> tag offers: the ability to filter
> special html characters (<, >, &, etc...). Currently is there a "tool"
> to perform such filtering?

Even better than Geir's suggestion (which is terribly not MVC and prone to
mistakes...what if you forget to filter some user supplied data? You then
have a cross site scripting hole)...is to write a ReferenceInsertionFilter
to do what you want...

<http://scarab.tigris.org/source/browse/scarab/src/java/org/tigris/scarab/util/ReferenceInsertionFilter.java?rev=1.11&content-type=text/x-cvsweb-markup>

-jon


--
To unsubscribe, e-mail:
<mailto:[EMAIL PROTECTED]>
For additional commands, e-mail:
<mailto:[EMAIL PROTECTED]>

