[ICE-5745] Allow <ice:message(s)> component to display HTML tags - ICEsoft JIRA Issue Tracker

Details

Type: Improvement
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 1.8.2-EE-GA, 1.8.2-EE-GA_P01
Fix Version/s: None
Component/s: ICE-Components
Labels:
None
Environment:
ICEfaces EE only

ICEsoft Forum Reference:
http://www.icefaces.org/JForum/posts/list/15845.page

Description

Due to the changes made for ~~ICE-4699~~, the <ice:messages> component will no longer display HTML tags.

Activity

Hide

Permalink

Ted Goddard added a comment - 31/May/10 12:34 PM

Adding an escape="false" attribute ("true" being the default) would allow applications to provide HTML content in messages.

This would retain the default security features of the messages component. Note that with escape="false", the application becomes responsible for protection against cross-site scripting attacks via messages.

Show

Ted Goddard added a comment - 31/May/10 12:34 PM Adding an escape="false" attribute ("true" being the default) would allow applications to provide HTML content in messages. This would retain the default security features of the messages component. Note that with escape="false", the application becomes responsible for protection against cross-site scripting attacks via messages.

People

Assignee:

Unassigned

Reporter:

Arran Mccullough

Votes:

0 Vote for this issue

Watchers:

0 Start watching this issue

Dates

Created:

20/May/10 3:53 PM

Updated:

21/Feb/14 3:15 PM