You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@velocity.apache.org by Ed Yu <ek...@asg.sc.edu> on 2003/07/09 20:16:53 UTC
Velocity tools up coming release question
Hi all,
I have a question about the up coming velocity tools release. What will
be the default behavior of the rendering of references? It is going to
be escaped (HTML) or not?
IMHO, I believe that the default behavior should be to escape all HTML
special characters when displaying references. This matches up with the
default JSP behavior (I believe, I could be wrong on this). In this
case, we can easily port JSPs over to velocity-tools.
What do you all think?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Ed Yu, Senior Solutions Architect (IBM Certified AIX Administrator),
Advanced Solutions Group, Physics Dept., University of South Carolina,
Columbia, SC 29208
Office (803)777-8831, FAX (803)777-8833, Email ekyu@asg.sc.edu
---------------------------------------------------------------------
To unsubscribe, e-mail: velocity-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: velocity-dev-help@jakarta.apache.org
Re: Velocity tools up coming release question
Posted by Daniel Rall <dl...@finemaltcoding.com>.
"Ed Yu" <ek...@asg.sc.edu> writes:
> I have a question about the up coming velocity tools release. What will
> be the default behavior of the rendering of references? It is going to
> be escaped (HTML) or not?
Hi Ed. Did you mean this question to be specific to Tools, or does it
apply more to Velocity in general?
> IMHO, I believe that the default behavior should be to escape all HTML
> special characters when displaying references. This matches up with the
> default JSP behavior (I believe, I could be wrong on this). In this
> case, we can easily port JSPs over to velocity-tools.
As Velocity (and some of Tools) isn't used solely for SGML-derived
content, I would rather render references literally.
Like much else in Velocity, choice of escaping is pluggable.
Examination of ASTReference.java shows that a
ReferenceInsertionEventHandler in the EventCartridge attached to the
Context used when rendering ought to allow detection of null values,
giving the possibility of escaping the reference
public abstract class EscapeHandler implements ReferenceInsertionEventHandler
{
public Object referenceInsert(String reference, Object value)
{
if (value == null)
{
value = escape(reference);
}
return value;
}
protected abstract Object escape(Object value);
}
--
Daniel Rall
---------------------------------------------------------------------
To unsubscribe, e-mail: velocity-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: velocity-dev-help@jakarta.apache.org
Re: Velocity tools up coming release question
Posted by Claude Brisson <cl...@savoirweb.com>.
html escaping is another idea in the air, but I think clean implementations of escaping are more regarding the core than the tools.
I wouldn't enter another debate about html escaping without doing a serious review of what has been said about it since some time on
the mailing lists. I'll try to do such a review one day or another...
CloD
----- Original Message -----
From: "Ed Yu" <ek...@asg.sc.edu>
To: <ve...@jakarta.apache.org>
Sent: mercredi 9 juillet 2003 20:16
Subject: Velocity tools up coming release question
Hi all,
I have a question about the up coming velocity tools release. What will
be the default behavior of the rendering of references? It is going to
be escaped (HTML) or not?
IMHO, I believe that the default behavior should be to escape all HTML
special characters when displaying references. This matches up with the
default JSP behavior (I believe, I could be wrong on this). In this
case, we can easily port JSPs over to velocity-tools.
What do you all think?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Ed Yu, Senior Solutions Architect (IBM Certified AIX Administrator),
Advanced Solutions Group, Physics Dept., University of South Carolina,
Columbia, SC 29208
Office (803)777-8831, FAX (803)777-8833, Email ekyu@asg.sc.edu
---------------------------------------------------------------------
To unsubscribe, e-mail: velocity-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: velocity-dev-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: velocity-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: velocity-dev-help@jakarta.apache.org
Re: Velocity tools up coming release question
Posted by Nathan Bubna <na...@esha.com>.
Ed Yu said:
> I have a question about the up coming velocity tools release. What will
> be the default behavior of the rendering of references? It is going to
> be escaped (HTML) or not?
references that render HTML will not be automatically escaped. velocity-tools
is basically in a code freeze until i can get this release to happen.
> IMHO, I believe that the default behavior should be to escape all HTML
> special characters when displaying references. This matches up with the
> default JSP behavior (I believe, I could be wrong on this). In this
> case, we can easily port JSPs over to velocity-tools.
...
hmm. i'm not sure what the default JSP behavior is. we won't be escaping any
HTML when rendering all references by default though. consider:
$errors.msgs or even just $msg.get('some.resource.that.contains.markup')
i would consider a patch that offered an option to escape all markup when
rendering references, but as Claude said, that might be a better fit in the
core and has been discussed.
anyway, even were it to become a simple configuration option, i don't plan to
support markup escaping as the default setting.
Nathan Bubna
nathan@esha.com
---------------------------------------------------------------------
To unsubscribe, e-mail: velocity-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: velocity-dev-help@jakarta.apache.org