You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Immutability <de...@bielik.org> on 2011/10/05 16:14:02 UTC
[5.3] Possible issue with entity names in HTML attributes
Hi everyone :)
While playing with Google Web Fonts today http://www.google.com/webfont I
ran into an interesting issue with Tapestry 5.3 (currently running beta 10).
When a possible entity name is encountered by Tapestry within a template
file (TML) even if it resides within an element attribute, it will raise an
exception. For those unfamiliar with Google Web Fonts, it basically
generates a LINK element pointing to a CSS style hosted by Google. The HREF
contains various stuff such as font family and character sets, here's an
example:
<link href="
http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext"
rel="stylesheet" type="text/css"/>
Now - if you do this, Tapestry will scream:
Failure parsing template classpath:sk/jazd/kniha/components/SiteBorder.tml:
The reference to entity "subset" must end with the ';' delimiter.
This seems like a similar issue to the old JavaScript problem, where an
ampersand within a string will also cause an error. What do you guys think?
Is this to be expected, or is it a bug that should be addressed (i.e. not
check entities within quoted element attributes)?
Of course, as always (well - most of the time) with Tapestry, there's an
easy workaround:
<link href="${googleFontStyle}" rel="stylesheet" type="text/css"/>
and in your code:
public String getGoogleFontStyle()
{
return "
http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext";
}
Rado
Re: [5.3] Possible issue with entity names in HTML attributes
Posted by Josh Canfield <jo...@gmail.com>.
> In my defense, since Josh asked, I have actually tried it - but only in a
> browser (by copying and pasting the encoded URL) where such URL wouldn't
> work for me in Chrome (target PHP page would see a variable named "amp;2"
> instead of "2") but when I use an encoded URL in a Tapestry template, it
> actually works as expected.
I'm guessing that what was happening was that your PHP page was doing
the encoding for you and you ended up with it double encoded
("&amp;"). Tapestry isn't doing anything special with it.
> Anyway, all the fuss for such a stupid mistake... one learns every day!
> Thank you for your patience and help. I know some online forums where people
> would send me to hell for this, instead of patiently answering and
> explaining. :-)
Yeah, we've all been there! Who wants to be a part of a community that
berates people for trying to learn?
Josh
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [5.3] Possible issue with entity names in HTML attributes
Posted by Immutability <de...@bielik.org>.
Thiago, Uli, Josh - thank you all. Silly me! Got it now...
In my defense, since Josh asked, I have actually tried it - but only in a
browser (by copying and pasting the encoded URL) where such URL wouldn't
work for me in Chrome (target PHP page would see a variable named "amp;2"
instead of "2") but when I use an encoded URL in a Tapestry template, it
actually works as expected.
Anyway, all the fuss for such a stupid mistake... one learns every day!
Thank you for your patience and help. I know some online forums where people
would send me to hell for this, instead of patiently answering and
explaining. :-)
Rado
On Wed, Oct 5, 2011 at 5:01 PM, Ulrich Stärk <ul...@spielviel.de> wrote:
> Please go to http://validator.w3.org/ and see for yourself. The & in the
> URL is invalid HTML4.01 as
> well as invalid XHTML1.0. It has to be encoded as "&".
>
> Uli
>
> On 05.10.2011 16:36, Radoslav Bielik wrote:
> > Uli, thank you for your response. I'm confused though. The ampersand is a
> > regular element of the URL and a separator of 2 querystring variables. If
> it
> > was encoded as you suggest, then the target server wouldn't recognize
> those
> > as 2 separate variables (in case of Google Web Fonts those variables are
> > "family" and "subset").
> >
> > Thanks,
> > Rado
> >
> > On Wed, Oct 5, 2011 at 4:28 PM, Ulrich Stärk <ul...@spielviel.de> wrote:
> >
> >> This is absolutely correct behaviour since the url in the href attribute
> is
> >> not encoded as it should
> >> be. Replace '&' with '&' and you should be fine.
> >>
> >> Uli
> >>
> >> On 05.10.2011 16:14, Immutability wrote:
> >>> Hi everyone :)
> >>>
> >>> While playing with Google Web Fonts today
> http://www.google.com/webfontI
> >>> ran into an interesting issue with Tapestry 5.3 (currently running beta
> >> 10).
> >>> When a possible entity name is encountered by Tapestry within a
> template
> >>> file (TML) even if it resides within an element attribute, it will
> raise
> >> an
> >>> exception. For those unfamiliar with Google Web Fonts, it basically
> >>> generates a LINK element pointing to a CSS style hosted by Google. The
> >> HREF
> >>> contains various stuff such as font family and character sets, here's
> an
> >>> example:
> >>>
> >>> <link href="
> >>>
> >>
> http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext
> >> "
> >>> rel="stylesheet" type="text/css"/>
> >>>
> >>> Now - if you do this, Tapestry will scream:
> >>>
> >>> Failure parsing template
> >> classpath:sk/jazd/kniha/components/SiteBorder.tml:
> >>> The reference to entity "subset" must end with the ';' delimiter.
> >>>
> >>> This seems like a similar issue to the old JavaScript problem, where an
> >>> ampersand within a string will also cause an error. What do you guys
> >> think?
> >>> Is this to be expected, or is it a bug that should be addressed (i.e.
> not
> >>> check entities within quoted element attributes)?
> >>>
> >>> Of course, as always (well - most of the time) with Tapestry, there's
> an
> >>> easy workaround:
> >>>
> >>> <link href="${googleFontStyle}" rel="stylesheet" type="text/css"/>
> >>>
> >>> and in your code:
> >>>
> >>> public String getGoogleFontStyle()
> >>> {
> >>> return "
> >>>
> >>
> http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext
> >> ";
> >>> }
> >>>
> >>> Rado
> >>>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> >> For additional commands, e-mail: users-help@tapestry.apache.org
> >>
> >>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
Re: [5.3] Possible issue with entity names in HTML attributes
Posted by Ulrich Stärk <ul...@spielviel.de>.
Please go to http://validator.w3.org/ and see for yourself. The & in the URL is invalid HTML4.01 as
well as invalid XHTML1.0. It has to be encoded as "&".
Uli
On 05.10.2011 16:36, Radoslav Bielik wrote:
> Uli, thank you for your response. I'm confused though. The ampersand is a
> regular element of the URL and a separator of 2 querystring variables. If it
> was encoded as you suggest, then the target server wouldn't recognize those
> as 2 separate variables (in case of Google Web Fonts those variables are
> "family" and "subset").
>
> Thanks,
> Rado
>
> On Wed, Oct 5, 2011 at 4:28 PM, Ulrich Stärk <ul...@spielviel.de> wrote:
>
>> This is absolutely correct behaviour since the url in the href attribute is
>> not encoded as it should
>> be. Replace '&' with '&' and you should be fine.
>>
>> Uli
>>
>> On 05.10.2011 16:14, Immutability wrote:
>>> Hi everyone :)
>>>
>>> While playing with Google Web Fonts today http://www.google.com/webfontI
>>> ran into an interesting issue with Tapestry 5.3 (currently running beta
>> 10).
>>> When a possible entity name is encountered by Tapestry within a template
>>> file (TML) even if it resides within an element attribute, it will raise
>> an
>>> exception. For those unfamiliar with Google Web Fonts, it basically
>>> generates a LINK element pointing to a CSS style hosted by Google. The
>> HREF
>>> contains various stuff such as font family and character sets, here's an
>>> example:
>>>
>>> <link href="
>>>
>> http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext
>> "
>>> rel="stylesheet" type="text/css"/>
>>>
>>> Now - if you do this, Tapestry will scream:
>>>
>>> Failure parsing template
>> classpath:sk/jazd/kniha/components/SiteBorder.tml:
>>> The reference to entity "subset" must end with the ';' delimiter.
>>>
>>> This seems like a similar issue to the old JavaScript problem, where an
>>> ampersand within a string will also cause an error. What do you guys
>> think?
>>> Is this to be expected, or is it a bug that should be addressed (i.e. not
>>> check entities within quoted element attributes)?
>>>
>>> Of course, as always (well - most of the time) with Tapestry, there's an
>>> easy workaround:
>>>
>>> <link href="${googleFontStyle}" rel="stylesheet" type="text/css"/>
>>>
>>> and in your code:
>>>
>>> public String getGoogleFontStyle()
>>> {
>>> return "
>>>
>> http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext
>> ";
>>> }
>>>
>>> Rado
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: [5.3] Possible issue with entity names in HTML attributes
Posted by Josh Canfield <jo...@gmail.com>.
Did you try it? The browser should do the right thing and decode it before
using the link.
If you use firebug you'll probably see that it's already been unescaped in
the Dom.
On Oct 5, 2011 7:37 AM, "Radoslav Bielik" <ra...@bielik.org> wrote:
> Uli, thank you for your response. I'm confused though. The ampersand is a
> regular element of the URL and a separator of 2 querystring variables. If
it
> was encoded as you suggest, then the target server wouldn't recognize
those
> as 2 separate variables (in case of Google Web Fonts those variables are
> "family" and "subset").
>
> Thanks,
> Rado
>
> On Wed, Oct 5, 2011 at 4:28 PM, Ulrich Stärk <ul...@spielviel.de> wrote:
>
>> This is absolutely correct behaviour since the url in the href attribute
is
>> not encoded as it should
>> be. Replace '&' with '&' and you should be fine.
>>
>> Uli
>>
>> On 05.10.2011 16:14, Immutability wrote:
>> > Hi everyone :)
>> >
>> > While playing with Google Web Fonts today
http://www.google.com/webfontI
>> > ran into an interesting issue with Tapestry 5.3 (currently running beta
>> 10).
>> > When a possible entity name is encountered by Tapestry within a
template
>> > file (TML) even if it resides within an element attribute, it will
raise
>> an
>> > exception. For those unfamiliar with Google Web Fonts, it basically
>> > generates a LINK element pointing to a CSS style hosted by Google. The
>> HREF
>> > contains various stuff such as font family and character sets, here's
an
>> > example:
>> >
>> > <link href="
>> >
>>
http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext
>> "
>> > rel="stylesheet" type="text/css"/>
>> >
>> > Now - if you do this, Tapestry will scream:
>> >
>> > Failure parsing template
>> classpath:sk/jazd/kniha/components/SiteBorder.tml:
>> > The reference to entity "subset" must end with the ';' delimiter.
>> >
>> > This seems like a similar issue to the old JavaScript problem, where an
>> > ampersand within a string will also cause an error. What do you guys
>> think?
>> > Is this to be expected, or is it a bug that should be addressed (i.e.
not
>> > check entities within quoted element attributes)?
>> >
>> > Of course, as always (well - most of the time) with Tapestry, there's
an
>> > easy workaround:
>> >
>> > <link href="${googleFontStyle}" rel="stylesheet" type="text/css"/>
>> >
>> > and in your code:
>> >
>> > public String getGoogleFontStyle()
>> > {
>> > return "
>> >
>>
http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext
>> ";
>> > }
>> >
>> > Rado
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
Re: [5.3] Possible issue with entity names in HTML attributes
Posted by Radoslav Bielik <ra...@bielik.org>.
Uli, thank you for your response. I'm confused though. The ampersand is a
regular element of the URL and a separator of 2 querystring variables. If it
was encoded as you suggest, then the target server wouldn't recognize those
as 2 separate variables (in case of Google Web Fonts those variables are
"family" and "subset").
Thanks,
Rado
On Wed, Oct 5, 2011 at 4:28 PM, Ulrich Stärk <ul...@spielviel.de> wrote:
> This is absolutely correct behaviour since the url in the href attribute is
> not encoded as it should
> be. Replace '&' with '&' and you should be fine.
>
> Uli
>
> On 05.10.2011 16:14, Immutability wrote:
> > Hi everyone :)
> >
> > While playing with Google Web Fonts today http://www.google.com/webfontI
> > ran into an interesting issue with Tapestry 5.3 (currently running beta
> 10).
> > When a possible entity name is encountered by Tapestry within a template
> > file (TML) even if it resides within an element attribute, it will raise
> an
> > exception. For those unfamiliar with Google Web Fonts, it basically
> > generates a LINK element pointing to a CSS style hosted by Google. The
> HREF
> > contains various stuff such as font family and character sets, here's an
> > example:
> >
> > <link href="
> >
> http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext
> "
> > rel="stylesheet" type="text/css"/>
> >
> > Now - if you do this, Tapestry will scream:
> >
> > Failure parsing template
> classpath:sk/jazd/kniha/components/SiteBorder.tml:
> > The reference to entity "subset" must end with the ';' delimiter.
> >
> > This seems like a similar issue to the old JavaScript problem, where an
> > ampersand within a string will also cause an error. What do you guys
> think?
> > Is this to be expected, or is it a bug that should be addressed (i.e. not
> > check entities within quoted element attributes)?
> >
> > Of course, as always (well - most of the time) with Tapestry, there's an
> > easy workaround:
> >
> > <link href="${googleFontStyle}" rel="stylesheet" type="text/css"/>
> >
> > and in your code:
> >
> > public String getGoogleFontStyle()
> > {
> > return "
> >
> http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext
> ";
> > }
> >
> > Rado
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
Re: [5.3] Possible issue with entity names in HTML attributes
Posted by Immutability <de...@bielik.org>.
Uli, thank you for your response. I'm confused though. The ampersand is a
regular element of the URL and a separator of 2 querystring variables. If it
was encoded as you suggest, then the target server wouldn't recognize those
as 2 separate variables (in case of Google Web Fonts those variables are
"family" and "subset").
Thanks,
Rado
On Wed, Oct 5, 2011 at 4:28 PM, Ulrich Stärk <ul...@spielviel.de> wrote:
> This is absolutely correct behaviour since the url in the href attribute is
> not encoded as it should
> be. Replace '&' with '&' and you should be fine.
>
> Uli
>
> On 05.10.2011 16:14, Immutability wrote:
> > Hi everyone :)
> >
> > While playing with Google Web Fonts today http://www.google.com/webfontI
> > ran into an interesting issue with Tapestry 5.3 (currently running beta
> 10).
> > When a possible entity name is encountered by Tapestry within a template
> > file (TML) even if it resides within an element attribute, it will raise
> an
> > exception. For those unfamiliar with Google Web Fonts, it basically
> > generates a LINK element pointing to a CSS style hosted by Google. The
> HREF
> > contains various stuff such as font family and character sets, here's an
> > example:
> >
> > <link href="
> >
> http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext
> "
> > rel="stylesheet" type="text/css"/>
> >
> > Now - if you do this, Tapestry will scream:
> >
> > Failure parsing template
> classpath:sk/jazd/kniha/components/SiteBorder.tml:
> > The reference to entity "subset" must end with the ';' delimiter.
> >
> > This seems like a similar issue to the old JavaScript problem, where an
> > ampersand within a string will also cause an error. What do you guys
> think?
> > Is this to be expected, or is it a bug that should be addressed (i.e. not
> > check entities within quoted element attributes)?
> >
> > Of course, as always (well - most of the time) with Tapestry, there's an
> > easy workaround:
> >
> > <link href="${googleFontStyle}" rel="stylesheet" type="text/css"/>
> >
> > and in your code:
> >
> > public String getGoogleFontStyle()
> > {
> > return "
> >
> http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext
> ";
> > }
> >
> > Rado
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
Re: [5.3] Possible issue with entity names in HTML attributes
Posted by Ulrich Stärk <ul...@spielviel.de>.
This is absolutely correct behaviour since the url in the href attribute is not encoded as it should
be. Replace '&' with '&' and you should be fine.
Uli
On 05.10.2011 16:14, Immutability wrote:
> Hi everyone :)
>
> While playing with Google Web Fonts today http://www.google.com/webfont I
> ran into an interesting issue with Tapestry 5.3 (currently running beta 10).
> When a possible entity name is encountered by Tapestry within a template
> file (TML) even if it resides within an element attribute, it will raise an
> exception. For those unfamiliar with Google Web Fonts, it basically
> generates a LINK element pointing to a CSS style hosted by Google. The HREF
> contains various stuff such as font family and character sets, here's an
> example:
>
> <link href="
> http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext"
> rel="stylesheet" type="text/css"/>
>
> Now - if you do this, Tapestry will scream:
>
> Failure parsing template classpath:sk/jazd/kniha/components/SiteBorder.tml:
> The reference to entity "subset" must end with the ';' delimiter.
>
> This seems like a similar issue to the old JavaScript problem, where an
> ampersand within a string will also cause an error. What do you guys think?
> Is this to be expected, or is it a bug that should be addressed (i.e. not
> check entities within quoted element attributes)?
>
> Of course, as always (well - most of the time) with Tapestry, there's an
> easy workaround:
>
> <link href="${googleFontStyle}" rel="stylesheet" type="text/css"/>
>
> and in your code:
>
> public String getGoogleFontStyle()
> {
> return "
> http://fonts.googleapis.com/css?family=Francois+One&subset=latin,latin-ext";
> }
>
> Rado
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org