Hi Peter, Another useful capability the filter mechanism could implement is escaping of HTML characters to prevent cross-site scripting vulnerabilities. I think Daniel Dekany suggested this.
http://nagoya.apache.org/eyebrowse/[EMAIL PROTECTED]&msgId=724515 WILL ----- Original Message ----- From: "Peter Romianowski" <[EMAIL PROTECTED]> To: "Velocity Developers List" <[EMAIL PROTECTED]> Sent: Monday, June 23, 2003 3:38 AM Subject: Proposal: Filters > Hi all, > > I'd like to propose some kind of filter-mechanism. I did that before, > but I think I should do it in an offical way again ;) > > The proposal is to include some kind of post-processing filter which > alters the generated content. First an example of the possible VTL: > > #filter (name [arguments]) > #end > > Let's take the example of a very anticipated feature (by many users > in many different ways): Whitespace-Gobbling. The VTL could look > like this: > > #filter (whitespace) > Hi there ! > #end > > and would render as: [Hi there !] > > Another example would be a Null-Output-Filter which simply suppresses > all the output (useful when you have several #set and #if directives): > > #filter (null) > #set ($a = 1) > #if ($a == 1) > This will not be written to the output! > #end > #end > > This will render as: [] > > Many other usecases come into my mind and I think such a filter mechanism > would increase the power of velocity dramatically without "sacrificing" > the purism. > > Configuration: > > The filter would be configured in the velocity.properties file like: > > filter = null, whitespace > > filter.null.class = o.a.v.runtime.filter.NullFilter > filter.null.property = additional properties are defined this way > filter.whitespace.class = o.a.v.runtime.filter.WhitespaceFilter > filter.whitespace.property = additional properties are defined this way > > Whereas I think that the Whitespace- and the Nullfilter should be available > by default (along with others?). > > As an additional benefit this proposal of using filters would end discussions > on things like Whitespace-Gobbling and stuff since you can plug in filters > as you like. And a new slogan could be introduced by the > hardcore-MVC-purist-Velguys besides "Use a Tool(tm)" - "Use a Filter(tm)" ;) > > If there is interest I'd like to publish an implementation proposal for this. > But the discussion first. > > BTW: Geir, do you have a timeline of releases and features / stuff in it? IIRC > the 1.4dev will go out quite soon and then the 1.4 release (the last w/o Map > and Numbersupport). After that we will go for all the new stuff, right? If you > have some kind of plan - please share it with us. > > Regards, > Peter > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
