You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tapestry.apache.org by Paul Stanton <pa...@mapshed.com.au> on 2010/06/16 03:39:38 UTC

further entity escaping issues in tml

I have a case where I need to have special characters within my 'valid 
xml' tml template. I know I *could* move some of this code out to an 
acompanying js include, or add the script via rendersupport, however 
that will complicate my code considering this block needs to be executed 
at that particular point of page render.

consider the following

MyPage.tml

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" 
xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd" 
xmlns:p="tapestry:parameter">

   <script type="text/javascript">
        alert(true && false);
    </script>

</html>
----------------------------------------------------------
Result:
TML Parse Exception - Failure parsing template : 
[com.ctc.wstx.exc.WstxLazyException] Unexpected character '&' (code 38) 
(expected a name start character)


So I should properly reference the entity for ampersand?
---------------------------------------------------------
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" 
xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd" 
xmlns:p="tapestry:parameter">

   <script type="text/javascript">
        alert(true &amp;&amp; false);
    </script>

</html>
----------------------------------------------------------
Result:
...
    <script type="text/javascript>
            alert(true &amp;&amp; false);
    </script>
...


maybe wrapping the offensive content in a CDATA block should solve this?
---------------------------------------------------------
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" 
xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd" 
xmlns:p="tapestry:parameter">

   <script type="text/javascript">
        <![CDATA[
            alert(true && false);
        ]]>
    </script>

</html>
----------------------------------------------------------
Result:
...
    <script type="text/javascript>
            alert(true &amp;&amp; false);
    </script>
...

How do I get my special characters (&,<,> etc) in unmolested?

Thanks, p.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

Re: further entity escaping issues in tml

Posted by Josh Canfield <jo...@gmail.com>.

Yah, that's from being old and having to write code for browsers that  
didn't support JavaScript!

-- Josh

On Jun 16, 2010, at 3:26 AM, Paul Stanton <pa...@mapshed.com.au> wrote:

> neat trick, thanks josh.
>
> Josh Canfield wrote:
>>> <script type="text/javascript">
>> <!-- // hide script from tapestry
>>>      alert(true && false);
>> //-->
>>>  </script>
>>
>> -- Josh
>>
>> On Jun 15, 2010, at 6:39 PM, Paul Stanton <pa...@mapshed.com.au>  
>> wrote:
>>
>>> I have a case where I need to have special characters within my  
>>> 'valid xml' tml template. I know I *could* move some of this code  
>>> out to an acompanying js include, or add the script via  
>>> rendersupport, however that will complicate my code considering  
>>> this block needs to be executed at that particular point of page  
>>> render.
>>>
>>> consider the following
>>>
>>> MyPage.tml
>>>
>>> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd 
>>> ">
>>> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd 
>>> " xmlns:p="tapestry:parameter">
>>>
>>> <script type="text/javascript">
>>>      alert(true && false);
>>>  </script>
>>>
>>> </html>
>>> ----------------------------------------------------------
>>> Result:
>>> TML Parse Exception - Failure parsing template :  
>>> [com.ctc.wstx.exc.WstxLazyException] Unexpected character  
>>> '&' (code 38) (expected a name start character)
>>>
>>>
>>> So I should properly reference the entity for ampersand?
>>> ---------------------------------------------------------
>>> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd 
>>> ">
>>> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd 
>>> " xmlns:p="tapestry:parameter">
>>>
>>> <script type="text/javascript">
>>>      alert(true &amp;&amp; false);
>>>  </script>
>>>
>>> </html>
>>> ----------------------------------------------------------
>>> Result:
>>> ...
>>>  <script type="text/javascript>
>>>          alert(true &amp;&amp; false);
>>>  </script>
>>> ...
>>>
>>>
>>> maybe wrapping the offensive content in a CDATA block should solve  
>>> this?
>>> ---------------------------------------------------------
>>> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd 
>>> ">
>>> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd 
>>> " xmlns:p="tapestry:parameter">
>>>
>>> <script type="text/javascript">
>>>      <![CDATA[
>>>          alert(true && false);
>>>      ]]>
>>>  </script>
>>>
>>> </html>
>>> ----------------------------------------------------------
>>> Result:
>>> ...
>>>  <script type="text/javascript>
>>>          alert(true &amp;&amp; false);
>>>  </script>
>>> ...
>>>
>>> How do I get my special characters (&,<,> etc) in unmolested?
>>>
>>> Thanks, p.
>>>
>>> --- 
>>> ------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>>> For additional commands, e-mail: users-help@tapestry.apache.org
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

Re: further entity escaping issues in tml

Posted by Paul Stanton <pa...@mapshed.com.au>.

neat trick, thanks josh.

Josh Canfield wrote:
>> <script type="text/javascript">
> <!-- // hide script from tapestry
>>       alert(true && false);
> //-->
>>   </script>
>
> -- Josh
>
> On Jun 15, 2010, at 6:39 PM, Paul Stanton <pa...@mapshed.com.au> wrote:
>
>> I have a case where I need to have special characters within my 
>> 'valid xml' tml template. I know I *could* move some of this code out 
>> to an acompanying js include, or add the script via rendersupport, 
>> however that will complicate my code considering this block needs to 
>> be executed at that particular point of page render.
>>
>> consider the following
>>
>> MyPage.tml
>>
>> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
>> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
>> <html xmlns="http://www.w3.org/1999/xhtml" 
>> xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd" 
>> xmlns:p="tapestry:parameter">
>>
>>  <script type="text/javascript">
>>       alert(true && false);
>>   </script>
>>
>> </html>
>> ----------------------------------------------------------
>> Result:
>> TML Parse Exception - Failure parsing template : 
>> [com.ctc.wstx.exc.WstxLazyException] Unexpected character '&' (code 
>> 38) (expected a name start character)
>>
>>
>> So I should properly reference the entity for ampersand?
>> ---------------------------------------------------------
>> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
>> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
>> <html xmlns="http://www.w3.org/1999/xhtml" 
>> xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd" 
>> xmlns:p="tapestry:parameter">
>>
>>  <script type="text/javascript">
>>       alert(true &amp;&amp; false);
>>   </script>
>>
>> </html>
>> ----------------------------------------------------------
>> Result:
>> ...
>>   <script type="text/javascript>
>>           alert(true &amp;&amp; false);
>>   </script>
>> ...
>>
>>
>> maybe wrapping the offensive content in a CDATA block should solve this?
>> ---------------------------------------------------------
>> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
>> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
>> <html xmlns="http://www.w3.org/1999/xhtml" 
>> xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd" 
>> xmlns:p="tapestry:parameter">
>>
>>  <script type="text/javascript">
>>       <![CDATA[
>>           alert(true && false);
>>       ]]>
>>   </script>
>>
>> </html>
>> ----------------------------------------------------------
>> Result:
>> ...
>>   <script type="text/javascript>
>>           alert(true &amp;&amp; false);
>>   </script>
>> ...
>>
>> How do I get my special characters (&,<,> etc) in unmolested?
>>
>> Thanks, p.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org

Re: further entity escaping issues in tml

Posted by Josh Canfield <jo...@gmail.com>.

> <script type="text/javascript">
<!-- // hide script from tapestry
>       alert(true && false);
//-->
>   </script>

-- Josh

On Jun 15, 2010, at 6:39 PM, Paul Stanton <pa...@mapshed.com.au> wrote:

> I have a case where I need to have special characters within my  
> 'valid xml' tml template. I know I *could* move some of this code  
> out to an acompanying js include, or add the script via  
> rendersupport, however that will complicate my code considering this  
> block needs to be executed at that particular point of page render.
>
> consider the following
>
> MyPage.tml
>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd 
> ">
> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd 
> " xmlns:p="tapestry:parameter">
>
>  <script type="text/javascript">
>       alert(true && false);
>   </script>
>
> </html>
> ----------------------------------------------------------
> Result:
> TML Parse Exception - Failure parsing template :  
> [com.ctc.wstx.exc.WstxLazyException] Unexpected character '&' (code  
> 38) (expected a name start character)
>
>
> So I should properly reference the entity for ampersand?
> ---------------------------------------------------------
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd 
> ">
> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd 
> " xmlns:p="tapestry:parameter">
>
>  <script type="text/javascript">
>       alert(true &amp;&amp; false);
>   </script>
>
> </html>
> ----------------------------------------------------------
> Result:
> ...
>   <script type="text/javascript>
>           alert(true &amp;&amp; false);
>   </script>
> ...
>
>
> maybe wrapping the offensive content in a CDATA block should solve  
> this?
> ---------------------------------------------------------
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd 
> ">
> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:t="http://tapestry.apache.org/schema/tapestry_5_1_0.xsd 
> " xmlns:p="tapestry:parameter">
>
>  <script type="text/javascript">
>       <![CDATA[
>           alert(true && false);
>       ]]>
>   </script>
>
> </html>
> ----------------------------------------------------------
> Result:
> ...
>   <script type="text/javascript>
>           alert(true &amp;&amp; false);
>   </script>
> ...
>
> How do I get my special characters (&,<,> etc) in unmolested?
>
> Thanks, p.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org