You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@myfaces.apache.org by "Anita Anandan (JIRA)" <de...@myfaces.apache.org> on 2008/10/13 20:18:46 UTC
[jira] Updated: (TRINIDAD-1231) Custom message/hint strings used by
validators should be escaped.
[ https://issues.apache.org/jira/browse/TRINIDAD-1231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Anita Anandan updated TRINIDAD-1231:
------------------------------------
Status: Patch Available (was: Open)
> Custom message/hint strings used by validators should be escaped.
> -----------------------------------------------------------------
>
> Key: TRINIDAD-1231
> URL: https://issues.apache.org/jira/browse/TRINIDAD-1231
> Project: MyFaces Trinidad
> Issue Type: Bug
> Components: Components
> Affects Versions: 1.0.9-core, 1.2.9-core
> Reporter: Cale Scholl
> Priority: Minor
> Attachments: trinidad-api_trunk12_escape.patch
>
>
> The server unescapes custom message detail strings on inital page render.
> For example,
>
> _facesBean.getProperty(_NOT_IN_RANGE_MESSAGE_DETAIL_KEY)
> -> expression.getValue(context.getELContext())
>
> causes the resultant string to be unescaped.
> (i.e. "isn\'t" ==> "isn't"
> "isn't" ==> "isn't")
> Then, before the javascript for the client validator (and thus the client
> formatter) is constructed, the message detail strings are re-escaped via
> JsonUtils.writeMap. TrFastMessageFormatUtils.format -> _formatErrorString
> fills in the format string one token at a time using regular expressions.
> However, when the server does the formatting, it uses
> FastMessageFormat.format to format the unescaped message detail strings.
> FastMessageFormat.format interprets text enclosed in single quotes as literal
> text, and interprets double single quotes as an escaped single quote.
> Currently, I think the best way to allow for "isn't" in a format string is
> that, unless the string begins and ends with single quotes, the
> FastMessageFormat constructor should modify the format string by replacing
> all single quotes with double single quotes.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.