ofbiz-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Al Byers <bye...@automationgroups.com>
Subject Re: Dealing with ESAPI in CMS
Date Tue, 24 Feb 2009 05:20:11 GMT
I am storing a very large JSON string in the database using the CMS. Am I
right in understanding that because the createTextContent service does not
have an "allowHtml" attribute on the textData field set to "none" that in
ModelService.validate method it is the
StringUtil.checkStringForHtmlStrictNone call that is encoding the double
quotes that are in the string?

What would setting allowHtml to "safe" do? Still encode?

If this is the case, do we have any options other than writing different
versions of content persisting services to handle the case where we do not
want encoding to happen?


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message