Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 1.7
-
Fix Version/s: 2.0-Alpha3, 2.0.0
-
Component/s: Framework
-
Labels:None
-
Environment:ICEfaces
-
ICEsoft Forum Reference:
Description
As the API says, text has to be written "after performing any escaping
appropriate for the markup language being rendered".
The SUN RI HtmlResponseWriter implements the escaping.
In ICEFaces text render, escaping is implemented by converting
text with DOMUtils.escapeAnsi().
The implementation currently does not escape text inserted in the DOM. Note that it can be argued that the DOM should not contain escaped text and that any escaping should be performed during DOM serialization.
appropriate for the markup language being rendered".
The SUN RI HtmlResponseWriter implements the escaping.
In ICEFaces text render, escaping is implemented by converting
text with DOMUtils.escapeAnsi().
The implementation currently does not escape text inserted in the DOM. Note that it can be argued that the DOM should not contain escaped text and that any escaping should be performed during DOM serialization.
Issue Links
Activity
- All
- Comments
- History
- Activity
- Remote Attachments
- Subversion