Subject: Re: [xsl] xml/xsl character escaping in user entered data|
From: Julian Reschke <julian.reschke@xxxxxx>
Date: Sun, 04 Apr 2004 22:15:34 +0200
I have a relatively simple problem to solve, but as a newcomer to xml/xsl, I could use some help.
I have data in a database which is retrieved and published to the web but processing the db into xml and then converted to html via xsl transformations. My issue is that non-technical users enter the data into the database. I need to insure the following goals: 1. nothing the users enter can cause the subsequent xml files to be malformed 2. any intra-content html formatting they enter is preserved after the xsl transformations are complete. For example, user data such as: "Here is the <b>Title</b> of my article" needs to be preserved exactly so the browser will bold the "Title".
I have tried: 1. escaping any invalid xml chars with entity references. this achieves the first but not the second goal. 2. wrapping all user entered data with <![CDATA]> sections in the xml. This prevents any user entered data from breaking the subsequent xml file, but escapes any valid internal formatting once the xsl transformation is complete.
I'm not sure how to proceed.. Any help is greatly appreciated. Although, I'm not at liberty to alter the process of db ---> xml --(via xslt)--> html. So system design suggestions won't aide me. I'm just looking for a way to solve this particular problem.
-- <green/>bytes GmbH -- http://www.greenbytes.de -- tel:+492512807760