Return-Path: Delivered-To: apmail-struts-user-archive@www.apache.org Received: (qmail 4781 invoked from network); 23 Aug 2007 17:11:21 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 23 Aug 2007 17:11:21 -0000 Received: (qmail 67124 invoked by uid 500); 23 Aug 2007 17:11:08 -0000 Delivered-To: apmail-struts-user-archive@struts.apache.org Received: (qmail 67099 invoked by uid 500); 23 Aug 2007 17:11:08 -0000 Mailing-List: contact user-help@struts.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Help: List-Post: List-Id: "Struts Users Mailing List" Reply-To: "Struts Users Mailing List" Delivered-To: mailing list user@struts.apache.org Received: (qmail 67088 invoked by uid 99); 23 Aug 2007 17:11:08 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 23 Aug 2007 10:11:08 -0700 X-ASF-Spam-Status: No, hits=2.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of tolyen@gmail.com designates 66.249.82.227 as permitted sender) Received: from [66.249.82.227] (HELO wx-out-0506.google.com) (66.249.82.227) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 23 Aug 2007 17:11:08 +0000 Received: by wx-out-0506.google.com with SMTP id i30so579185wxd for ; Thu, 23 Aug 2007 10:10:47 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=spRWq2GQdHd/a5+iAp7G+9UHx1YtzGr7aK63m5fAt5tq8/Qc33CRl1WAOIiIUjd/MzS5Mx266i/AknPQzgwU29wCQSSZban59sPlR5RuRN4yQpj2OEGPoY+zyAfdMYIhMaKLZF86DA0mv4eDqX7AO9VX7rdst2NB7v5STFyqCUo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=pAupyFjXl/wvRyaWPBag6n3vSKszy6S0Hhlh6virzbR6jQi2zpiBn7nA0GukHTVCDUPrRSUz0rtQZr9F9/x5Mlzql0bV1784WsqANb919i5fXvinW004G0PGi6VMqxQ1HWCP8cTLxFMtsELfS7gqgzzyjNwQ8xDLcklWY7OoK5U= Received: by 10.90.78.9 with SMTP id a9mr6930384agb.1187889046553; Thu, 23 Aug 2007 10:10:46 -0700 (PDT) Received: by 10.100.136.20 with HTTP; Thu, 23 Aug 2007 10:10:46 -0700 (PDT) Message-ID: Date: Thu, 23 Aug 2007 20:10:46 +0300 From: "=?ISO-8859-1?Q?Toni_Lyytik=E4inen?=" To: "Struts Users Mailing List" Subject: Re: Sanitize Text In-Reply-To: <46CDBD44.3060905@fdar.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_13215_1752188.1187889046525" References: <4a12aaf80708230953l23e9a364hb014efe2f6cb0edb@mail.gmail.com> <46CDBD44.3060905@fdar.com> X-Virus-Checked: Checked by ClamAV on apache.org ------=_Part_13215_1752188.1187889046525 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline You could just override the string conversion in xwork: http://struts.apache.org/2.x/docs/type-conversion.html define something like this in xwork-conversion.properties java.lang.String=org.example.MyConverter Then create a class MyConverter that extends the XWorkBasicConverter and override the behaviour of the convertValue method in the case of string to string conversion. I'm not sure if this is actually a good way, but it's easy enough and with simple configuration it works everywhere in you webapp. On 8/23/07, Ian Roughley wrote: > > This is a good approach. In fact, you might start with the params > interceptor - as it is responsible for assigning data to the action, and > all that is needed is to sanitize before assignment. > > /Ian > > Richard Sayre wrote: > > I was wondering what the best approach would be for taking form data > > passed to an Action and removing 'special characters' from the data. > > I am having issues with users pasting text from word docs etc. We > > only support ISO-8859-1 as of now and there are some characters that > > Word will replace such as ' and " with character that are outside the > > 8839-1 character set. > > > > I was thinking about an interceptor that would sanitize the request > > parameters before they are passed to the action. Is this a good > > approach? Can anyone suggest a better one? It does not matter if it > > uses Struts or not. > > > > Thank you > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org > > For additional commands, e-mail: user-help@struts.apache.org > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org > For additional commands, e-mail: user-help@struts.apache.org > > ------=_Part_13215_1752188.1187889046525--