RE: [xsl] MSXML and unwanted entity output

Subject: RE: [xsl] MSXML and unwanted entity output
From: "Passin, Tom" <tpassin@xxxxxxxxxxxx>
Date: Thu, 27 May 2004 10:59:06 -0400
> From: Alex Scott [mailto:fastidious007@xxxxxxxxxxx] 
> 
> So how can I get a bit of javascript that is full of &&'s and 
> <'s to output 
> as &&'s and <'s
> 

[Mike Kay answered with this -]

"On the contrary, I'm saying that the XSLT serializer can output any
representation of an ampersand character that is legal in XML, and the
XML parser further down the line will treat all of these legal
representations in exactly the same way."


I will extend Mike's remarks a bit.  The representation - with any
character escapes - only comes into play when the result is serialized
into xml.  When the data is in the tree in memory, before serialization,
the characters do not need to be escaped, because there is no markup in
the in-memory representation.  The characters are stored as themselves.

Escaping is only needed when the results are serialized.  If the output
is to be xml, then of course all special characters need to be escaped.
But the processor that makes use of that xml will unescape them before
passing them to, say, a javascript engine.

With HTML, the serializer is supposed to produce legal html, which
includes andy javascript.  This is just what happens if you try it.
Here is an example, using Saxon.

Source:  

<root/>

Stylesheet - 

<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform";>
<xsl:output method='html' encoding='utf-8'/>

<xsl:template match="/">
<html>
	<body>
		<script type='text/javascript'>
			alert(true &amp;&amp; false);
			alert(1 &lt; 2);
		</script>
	</body>
</html>
</xsl:template>

</xsl:stylesheet>

Result -

<html>
   <body>
      <script type="text/javascript">
         alert(true && false);
         alert(1 < 2);
      </script>
   </body>
</html>

This is just what you want, and the alerts pop up and show the right
messages.

In fact, you will find that you have more of a formatting problem - new
lines, indented lines, etc. than with the escaped characters when you
transform an xml document into an html page with javascript in it.
These problems can all be handled once you learn how.

If you want to output pure javascript code, without any markup, use the
text output method.

Cheers,

Tom P

Current Thread