Hello, Have you tried applying WWebWidget::escapeText on 'topology' before appending it to 'os' ?
On Fri, Aug 28, 2009 at 2:42 PM, Andrii Arsirii<[email protected]> wrote: > Hi again. > I faced interesting problem. > > I have a Java applet. And I configure it with XML configuration > (configuration is made by the user). > > std::ostringstream os; > os << "<applet code='MyApplet.class' name='topology_editor' > cache_archive='topology_editor.jar' width='100%' height='600'>" > "<param name='cache_version' value='" << APPLET_REVISION << "' />" > "<param name='topology' value='" << topology << "' />" > "<param name='locale' value='" << > Wt::WApplication::instance()->locale() << "' />" > "You must have <a > href=\'http://java.sun.com/javase/downloads/index.jsp\'>Java SE Runtime > Environment (JRE)</a> 5 or above installed " > "and enabled in your browser to use this control" > "</applet>"; > new Wt::WText(os.str(), Wt::XHTMLUnsafeText, table->currentCell()); > > > Variable 'topology' contains valid XML. > Everything was perfect until topology had '&'. > After this when the page is rendered - Wt replaces & with '&' and Java > XML parser is unable to parse XML. > > How can I disable this? > When I try XHTMLText - XSS shows error about <applet> tag - and mode is > switched to PlainText. > When I try PlainText - page just shows piece of code, not the applet. > > > > -- > > Andrii Arsirii > Streamco > http://streamco.org.ua > > ------------------------------------------------------------------------------ > Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day > trial. Simplify your report design, integration and deployment - and focus > on > what you do best, core application coding. Discover what's new with > Crystal Reports now. http://p.sf.net/sfu/bobj-july > _______________________________________________ > witty-interest mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/witty-interest > > -- Pau Garcia i Quiles http://www.elpauer.org (Due to my workload, I may need 10 days to answer) ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ witty-interest mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/witty-interest
