You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Peter Alfors <pe...@irista.com> on 2001/04/20 21:27:41 UTC
HTML special characters
Hello all,
Is there any plan to update the ResponseUtil.filter() method to
handle more (or all) of the HTML special characters?
It looks like right now only 4 are being handled.
Thanks,
Pete
Re: HTML special characters
Posted by Elod Horvath <el...@itfais.com>.
i think i'll add my $.02 here...
what craig says on this matter is perfectly reasonable [i previously
felt this was an issue, but not a big enough one for me to raise a
flag about].
something that i would like to see though is a hook into this mechanism
so that if a developer desires or requires, they could easily install
their own "filter" which does more or special encoding not handled
by the ResponseUtil.filter() method. since all the struts tags use
this centralized method before spitting out HTML, what better place
to locate such functionality [transparently]?
of course, such a mechanism should also be available for use outside
of the struts tags in case one is inclined to not use them...
On Tuesday, April 24, 2001, at 09:52 AM, Peter Alfors wrote:
> Oops... I wasn't thinking... :)
> Yep, I agree it shouldn't be an encoding mechanism.
>
> Pete
>
> "Craig R. McClanahan" wrote:
>
>> On Fri, 20 Apr 2001, Peter Alfors wrote:
>>
>>> Hello all,
>>>
>>> Is there any plan to update the ResponseUtil.filter() method to
>>> handle more (or all) of the HTML special characters?
>>> It looks like right now only 4 are being handled.
>>>
>>> Thanks,
>>> Pete
>>>
>>
>> What other characters are you concerned about? The purpose of
>> filtering
>> was to avoid problems where user data had HTML markup in it, but it
>> wasn't
>> designed to be a general purpose encoding mechanism.
>>
>> Craig
<Attachment missing>>
_______________________________________________________________________
Elod Horvath ('e') / ITFAIS Records (http://www.itfais.com/)
Re: HTML special characters
Posted by Elod Horvath <el...@itfais.com>.
i think i'll add my $.02 here...
what craig says on this matter is perfectly reasonable [i previously
felt this was an issue, but not a big enough one for me to raise a
flag about].
something that i would like to see though is a hook into this mechanism
so that if a developer desires or requires, they could easily install
their own "filter" which does more or special encoding not handled
by the ResponseUtil.filter() method. since all the struts tags use
this centralized method before spitting out HTML, what better place
to locate such functionality [transparently]?
of course, such a mechanism should also be available for use outside
of the struts tags in case one is inclined to not use them...
On Tuesday, April 24, 2001, at 09:52 AM, Peter Alfors wrote:
> Oops... I wasn't thinking... :)
> Yep, I agree it shouldn't be an encoding mechanism.
>
> Pete
>
> "Craig R. McClanahan" wrote:
>
>> On Fri, 20 Apr 2001, Peter Alfors wrote:
>>
>>> Hello all,
>>>
>>> Is there any plan to update the ResponseUtil.filter() method to
>>> handle more (or all) of the HTML special characters?
>>> It looks like right now only 4 are being handled.
>>>
>>> Thanks,
>>> Pete
>>>
>>
>> What other characters are you concerned about? The purpose of
>> filtering
>> was to avoid problems where user data had HTML markup in it, but it
>> wasn't
>> designed to be a general purpose encoding mechanism.
>>
>> Craig
<Attachment missing>>
_______________________________________________________________________
Elod Horvath ('e') ������/ �����ITFAIS Records (http://www.itfais.com/)
Re: HTML special characters
Posted by Peter Alfors <pe...@irista.com>.
Oops... I wasn't thinking... :)
Yep, I agree it shouldn't be an encoding mechanism.
Pete
"Craig R. McClanahan" wrote:
> On Fri, 20 Apr 2001, Peter Alfors wrote:
>
> > Hello all,
> >
> > Is there any plan to update the ResponseUtil.filter() method to
> > handle more (or all) of the HTML special characters?
> > It looks like right now only 4 are being handled.
> >
> > Thanks,
> > Pete
> >
>
> What other characters are you concerned about? The purpose of filtering
> was to avoid problems where user data had HTML markup in it, but it wasn't
> designed to be a general purpose encoding mechanism.
>
> Craig
Re: HTML special characters
Posted by Jonathan Asbell <ja...@i-2000.com>.
Doesnt this issue depend on the character encoding? That is, high ascii
values (128-255) are control characters in some encodings, which I assume
you want to get rid of. Than, there is the 0-31 characters in ascii which
are control characters of which you want to get rid of all except tabs,
spaces, carriage returns, and line feeds. Than there are characters
reserved for private use in other ranges. FYI Macintosh has a 0x0 character
which breaks alot of apps, and netscape for mac versions 4.x have a bug
which introduces control characters on html form submissions.
----- Original Message -----
From: "Craig R. McClanahan" <cr...@apache.org>
To: "struts-user" <st...@jakarta.apache.org>
Sent: Monday, April 23, 2001 9:48 PM
Subject: Re: HTML special characters
>
>
> On Fri, 20 Apr 2001, Peter Alfors wrote:
>
> > Hello all,
> >
> > Is there any plan to update the ResponseUtil.filter() method to
> > handle more (or all) of the HTML special characters?
> > It looks like right now only 4 are being handled.
> >
> > Thanks,
> > Pete
> >
>
> What other characters are you concerned about? The purpose of filtering
> was to avoid problems where user data had HTML markup in it, but it wasn't
> designed to be a general purpose encoding mechanism.
>
> Craig
>
>
Re: HTML special characters
Posted by "Craig R. McClanahan" <cr...@apache.org>.
On Fri, 20 Apr 2001, Peter Alfors wrote:
> Hello all,
>
> Is there any plan to update the ResponseUtil.filter() method to
> handle more (or all) of the HTML special characters?
> It looks like right now only 4 are being handled.
>
> Thanks,
> Pete
>
What other characters are you concerned about? The purpose of filtering
was to avoid problems where user data had HTML markup in it, but it wasn't
designed to be a general purpose encoding mechanism.
Craig