Subject: RE: [xsl] Parsing Input Data for well-formedness From: "McKeever, Marty" <marty.mckeever@xxxxxxxxxxxxxxxxx> Date: Tue, 09 Oct 2001 16:24:46 -0400 |
I've two possible scenarios to worry about: 1. data coming from a database: <p><%= bean.getCompanyName() %></p> or <input type="text" value="<%=bean.getLoanType()%>" /> 2. form data input by the user <p><%= request.getParameter("Comments") %></p> so what i'm hoping for is some kind of XMLSafe(String) method that will guarantee that the output is well formed -- but wont add anything it doesnt need to. String Comments = "That's all, Over & Out"; XMLSafe(Comments) -> "That's all, Over & Out" You never know what a user mught type into a textarea for comments. I want to guarantee that it can be displayed upon receipt. I guess i'll have to write (yet another) wheel from scratch... > -----Original Message----- > From: Wendell Piez [mailto:wapiez@xxxxxxxxxxxxxxxx] > Sent: Tuesday, October 09, 2001 2:41 PM > To: xsl-list@xxxxxxxxxxxxxxxxxxxxxx > Subject: Re: [xsl] Parsing Input Data for well-formedness > > > Marty, > > The only characters you need to worry about are '&' and '<'. XML is > deliberately put together this way. > > Why are double escapings a problem? you just have to find, > and escape, any > '&' or '<' that is not a markup delimiter. > > How bad the problem is depends on what's coming in. If it's > well-formed XML > (which you've said it isn't, I know), all '&' and '<' are markup > delimiters except those in CDATA marked sections. If it's > plain text, none > of them will be markup delimiters since there's no markup. If it's > something else, things get trickier. HTML would be such a format, or > non-well-formed pseudo-XML fragments. In this case, you need > to know not > only what you want from these characters (that's pretty easy: > & or > <), but also what you want to happen to your markup (and > how you tell > it's markup). > > Which of these do you have? > > Cheers, > Wendell > > At 01:45 PM 10/9/01, you wrote: > >When building an XML file from external data, we need to > validate that each > >input string is well-formed. The specific situation is a > Loan Type field > >which returns "A&D". Before we populate our XML file, we > need to convert > >this to "A&D". Otherwise the XSLT will complain and not > render the > >final page. > > > >Before we build a utility class for checking/correcting > these (all?!?) input > >strings, i have to ask the obvious -- has anyone already > created something > >like this? Certainly there are many other characters we will need to > >consider, and we'll have to watch out for double-escaping things > >(A&amp;D). > > > >Must i reinvent this wheel? > > > ====================================================================== > Wendell Piez mailto:wapiez@xxxxxxxxxxxxxxxx > Mulberry Technologies, Inc. http://www.mulberrytech.com > 17 West Jefferson Street Direct Phone: 301/315-9635 > Suite 207 Phone: 301/315-9631 > Rockville, MD 20850 Fax: 301/315-8285 > ---------------------------------------------------------------------- > Mulberry Technologies: A Consultancy Specializing in SGML and XML > ====================================================================== > > > XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list > XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
Current Thread |
---|
|
<- Previous | Index | Next -> |
---|---|---|
Re: [xsl] Parsing Input Data for we, Wendell Piez | Thread | Re: [xsl] Parsing Input Data for we, cutlass |
Re: [xsl] Re: Overlapping structure, Robin Cover | Date | Re: [xsl] Numbered Lists, Thomas B. Passin |
Month |