looks great, Will! regarding the dependency thing... are we going to continue to provide both the velocity.jar and velocity-dep.jar with the 1.5 version? if so, then the addition of commons-lang is not too bad. people can use the whole commons-lang lib with velocity.jar and we can extract and ship StringUtils in the velocity-dep.jar.
On 9/11/05, Will Glass-Husain <[EMAIL PROTECTED]> wrote: > Colleagues, > > With a short burst of autumnal energy, I've just committed a substantial > patch to the event handling system. It should be 100% backwards compatible - > I encourage you to try it out. We've discussed significant parts of this > before (e.g. new IncludeEventHandler for #include and #parse), but please > send comments on any aspects of these enhancements. > > In addition to updates to the event handler framework, this patch also > includes useful event handler implementations. The most important of these > are event handlers for reference escaping (HTML, XML, SQL, and JavaScript). > Some might argue that escaping belongs in the tools project, but I consider > this an important core feature for many of our users. It's worth noting that > other templating approaches like JSP 2.0 and FreeMarker have HTML escaping as > a language feature. > > With the latest source code you can set up the event handler in > velocity.properties, then (optionally) limit the escape handler > implementations with regular expressions. For example, to apply HTML > escaping to all references put this line in velocity.properties. > > ***************************** > eventhandler.referenceinsertion.class = > org.apache.velocity.app.event.implement.EscapeHtmlReference > ***************************** > > The following velocity.properties excerpts set up HTML escaping for all > references and JavaScript escaping (backslash before quotes) for references > starting with "js". > > ***************************** > eventhandler.referenceinsertion.class = > org.apache.velocity.app.event.implement.EscapeHtmlReference,org.apache.velocity.app.event.implement.EscapeJavaScriptReference > > eventhandler.escape.javascript.match = /js.*/ > ***************************** > > The most import side effect of this patch is a new dependency on > "commons-lang". While I'm loath to grow the jar files unnecessarily, there's > a very nice utility class for doing HTML/XML/JavaScript/SQL escaping. > > Again, I'd welcome any thoughts. > > Best, > WILL > > _______________________________________ > Forio Business Simulations > > Will Glass-Husain > [EMAIL PROTECTED] > www.forio.com > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
