xml-xalan-j-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Welch" <awe...@piper-group.com>
Subject RE: Have we disobeyed a cardinal rule?
Date Tue, 08 Oct 2002 08:13:10 GMT

To escape apostrophies for javascript you need to use a recursive
template that gets passed a string from your text() matching template,
which substrings its way through the string replacing ' with \'


   <xsl:template name="escape-string-for-javascript">
     <xsl:param name="str"/>
     <xsl:choose>
       <xsl:when test='contains($str,"&apos;")'>
         <xsl:variable name="before-first-apostrophe"
                       select='substring-before($str,"&apos;")'/>
         <xsl:variable name="after-first-apostrophe"
                       select='substring-after($str,"&apos;")'/>
         <xsl:value-of select="$before-first-apostrophe"/>\'<xsl:text/>
         <xsl:call-template name="escape-string-for-javascript">
            <xsl:with-param name="str" select="$after-first-apostrophe"
/>
         </xsl:call-template>
       </xsl:when>
       <xsl:otherwise>
         <xsl:value-of select="$str">
       </xsl:otherwise>
     </xsl:choose>
   </xsl:template>


And to pass the string to that:

<xsl:template match="text()">
  <xsl:choose>
    <xsl:when test='contains(.,"&apos;")'>
      <xsl:call-template name="escape-string-for-javascript">
        <xsl:with-param name="str" select="." />
      </xsl:call-template>
    </xsl:when>
    <xsl:otherwise>
      <xsl:value-of select=".">
    </xsl:otherwise>
  </xsl:choose>
</xsl:template>

remember to use apply-templates rather than value-of where possible
otherwise your text() template won't get called.


cheers
andrew 


-----Original Message-----
From: Koes, Derrick [mailto:Derrick.Koes@smith-nephew.com]
Sent: 07 October 2002 18:23
To: 'xalan-j-users@xml.apache.org'
Subject: Have we disobeyed a cardinal rule?



We are transforming XML to HTML using XSLT.  The problem is that some of
the values used to populate the HTML forms have quotes (' " ') in them.
These values seem to be in a fine state until they are used to populate
HTML input elements.  We don't URL encode/decode at the moment, but some
experimentation has shown that if the values are persisted as URL
encoded then are URL decoded and assigned to the appropriate elements
AFTER the page loads (e.g. in a onWindowLoad javascript method) things
are OK.

We've also seen that this is only a problem when they are being assigned
to attributes, since attributes use quotes to enclose their values.

To summarize, it appears we will have to URL encode and URL decode all
individual values (encoding/decoding as XML does not work well) for our
app to use these values.  Is this correct?  Is there a better way to
solve this problem?

Thanks,
Derrick
This electronic transmission is strictly confidential to Smith & Nephew
and intended solely for the addressee. It may contain information which
is covered by legal, professional or other privilege. If you are not the
intended addressee, or someone authorized by the intended addressee to
receive transmissions on behalf of the addressee, you must not retain,
disclose in any form, copy or take any action in reliance on this
transmission. If you have received this transmission in error, please
notify the sender as soon as possible and destroy this message.


---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.394 / Virus Database: 224 - Release Date: 03/10/2002

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.394 / Virus Database: 224 - Release Date: 03/10/2002
 

Mime
View raw message