|
Subject: RE: [xsl] disable-output-escaping From: Benjamin Franz <snowhare@xxxxxxxxxxx> Date: Mon, 1 Jul 2002 08:42:59 -0700 (PDT) |
On Mon, 1 Jul 2002, CROFT, MICHAEL wrote:
> The & is a character that could be entered by the user, I have no control
> over what they enter. It is a dynamic process. I need to tell the XML
> parser to treat any text entered by the user as text.
Ok. Then what you have is a _data entry_ issue, not an _output_ issue.
There are a largish number of character 'values' that could be entered by
a user that will render your XML _syntactically_ invalid. So, you _MUST_
have a 'prefilter' on your storage system to escape all characters that
must be escaped (&, ', " and < would be good candidates) and _removes_ all
characters that are flat illegal. You will need to consult the XML spec at
W3C for particulars. And don't forget character encoding issues - XML by
default uses UTF-8 - while many clients use either ISO8859-1 or whatever
their desktop default is under windows. Mixing encodings is a Bad Thing
(tm).
Otherwise, your best bet is to Base64 encode _all_ data entered by the
user for storage and post-process the base64 data back into the raw
output you want.
--
Benjamin Franz
The only way of discovering the limits of the possible is
to venture a little way past them into the impossible.
---Arthur C. Clarke
XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
| Current Thread |
|---|
|
| <- Previous | Index | Next -> |
|---|---|---|
| RE: [xsl] disable-output-escaping, CROFT, MICHAEL | Thread | RE: [xsl] disable-output-escaping, Wendell Piez |
| Re: [xsl] disable-output-escaping, Wendell Piez | Date | Re: [xsl] XSL: For-Each Efficient o, Wendell Piez |
| Month |