Details
-
Type: Improvement
-
Status: Closed
-
Priority: Major
-
Resolution: Fixed
-
Affects Version/s: 1.7
-
Fix Version/s: 2.0-Alpha3, 2.0.0
-
Component/s: ICE-Components
-
Labels:None
-
Environment:ICEfaces
Description
In ICEfaces 1.8 and before, we focused on direct-to-DOM rendering, and implemented text escaping in DOMUtils.escapeAnsi(). But in stock JSF, text escaping is provided by the ResponseWriter, in its writeText(-), writeAttribute(-) and writeURIAttribute(-) methods. All stock JSF components use those methods, so that everything is escaped by default. For the rare exception, like when outputText has escape=false, then the unescaped write(-) method is used.
When we discovered that our DOMResponseWriter was missing this behaviour, it was too late to change it, because users were already working around it by manually escaping the output. We didn't want to break applications by double escaping. But now, with ICEfaces 2, we're able to make fixes that break backwards compatibility, so inICE-3182, we'll be changing our ResponseWriter to follow the standard escaping rules.
So, our ResponseWriter based compat components should be altered to not use DOMUtils.escapeAnsi() any more, and just use the appropriate ResponseWriter APIs instead.
When we discovered that our DOMResponseWriter was missing this behaviour, it was too late to change it, because users were already working around it by manually escaping the output. We didn't want to break applications by double escaping. But now, with ICEfaces 2, we're able to make fixes that break backwards compatibility, so in
So, our ResponseWriter based compat components should be altered to not use DOMUtils.escapeAnsi() any more, and just use the appropriate ResponseWriter APIs instead.
Issue Links
- depends on
-
ICE-3182 DOMResponseWriter.writeText() escaping
- Closed
Activity
- All
- Comments
- History
- Activity
- Remote Attachments
- Subversion