struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Laurie Harper <lau...@holoweb.net>
Subject Re: Ampersand sign problem
Date Thu, 04 Sep 2008 19:00:39 GMT
Nayyer Kamran wrote:
> Hello,
> 
> Thanks for your answer. You are right that's what happening. On submission input text
sterling sign "£" escaped to the "ISO-8859-1" "&#163;" and when try to display it again
in the same html:text box it escape it again. So how can I avoid it what should I do. UTF8
work fine but it put some other constraint like database encoding. 

Hmm, I'm not sure at which point the various escapes are happening. It's 
possible the browser is sending the character as an entity reference 
because it's not supported by the Latin-1 encoding, in which case you'd 
have to handle the un--escaping during input processing. Using UTF-8 
avoids these kind of issues, though, so I don't know why you wouldn't 
just use that -- especially since you report success when doing so.

> I attached the code: JSP, action class, form class, and Struts config.

Not all the attachments made it through to the list; it's generally 
better to paste the relevant parts of your files rather than attach 
them, both to avoid having attachments filtered by the list and for brevity.

> I did not find any attribute "escape" in struts user guide can you give me some example.
I am using struts 1.2.9. 

Oops, sorry, S1's html:text doesn't have an 'escape' attribute :-/ I 
suspect you'll either need to switch to UTF-8 (or any encoding that 
supports all the characters you need to be able to deal with) or handle 
these cases yourself in you input processing.

L.

> Thanks for your help.
> 
> Regards, 
> 
> 
> -----Original Message-----
> From: Laurie Harper [mailto:laurie@holoweb.net] 
> Sent: Thursday, August 28, 2008 7:35 PM
> To: user@struts.apache.org
> Subject: Re: Ampersand sign problem
> 
> Can you post a code sample of what you are doing? html:text will only 
> escape its output once, so perhaps you are passing it a string that has 
> already been converted into the character entity form (&#163;)?
> 
> You could try escape="false", but I'd suggest understanding what's going 
> on first so you're confident that you aren't opening up 
> cross-site-scripting or other Javascript injection vulnerabilities by 
> doing so.
> 
> L.
> 
> Nayyer Kamran wrote:
>> Hello,
>>
>>  
>>
>> I am trying to use "ISO-8859-1" char set in my web application. But when I try to
display "?" sign using html:text field it displays "&#163;". If I look at the HTML source
there I see that "&" is escaped by the character entity "&amp;" so now instead of
"&#163;" the value is "&amp;#163;" .  Where as if I use simple input field to display
this value it work fine. 
>>
>>  
>>
>> I believe this is because html:text tag escaping "&" sign.  How I can avoid this
multiple escaping.
>>
>>  
>>
>> I am using jbossAS 4.0.5, Struts 1.2.9.
>>
>>  
>>
>> Any help will be appreciated. 
>>
>>  
>>
>> Regards, 
>>
>>  
>>
>>  
>>
>>  
>>
>>  
>>
>>
>> *******************************************************************************
>> This email and any files transmitted with it are intended solely for the use of the
individual or entity to whom they are addressed, and may contain confidential and/or proprietary
information. Therefore, any dissemination, distribution or copy of this email or such attached
files, or the information contained herein and therein, should be appropriately restricted.

>>  
>> If you have received this email in error please notify the sender immediately by
return email and kindly delete this message and all attachments..
>> *******************************************************************************
>>
>>
>>
> 
> 
> 
> ------------------------------------------------------------------------
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message