According to Jason Scharlach:
> In my case the file which contains all of this javascript is defined by
> the 'search_results_wrapper' paramater in the conf file. Here is
> snippet from my conf file that defines all of the template locations.
> ------------------
> #
> # Specify search templates:
> #
> search_results_wrapper: ${fullsearchroot}/results.html
> nothing_found_file: ${fullsearchroot}/nomatch.html
> syntax_error_file: ${fullsearchroot}/syntax.html
>
> #
> # Specify the format of the short and long type returns.
> #
> template_map: Long long ${fullsearchroot}/long.html \
> Short short ${fullsearchroot}/short.html
> template_name: long
> ------------------
> The results.html file is a complete HTML file with all of javascript
> that I mentioned below. Is also contains the HTDig specific variables
> such as LOGICAL_WORDS, FIRSTDISPLAYED, LASTDISPLAYED, MATCHES,
> HTSEARCH_RESULTS all of which are being displayed correctly on the
> results page.
>
> Hope this helps.
>
> Jason
Are you sure you were running 3.1.5 before? Was the code patched at
all before to handle template contents differently. I've just tried
the snippet of javascript below in a wrapper file with htsearch 3.1.6,
3.1.5, and 3.1.3, and I get the same results. The "\'" sequence always
gets changed to a single "'". That's what the backslash does in templates.
It makes htsearch take the following character literally, discarding the
backslash. Looking back at the code, I can see it's been this way
even back in 3.0.8b2. If you have a version of htsearch that doesn't
swallow the backslash, it must be because it was patched not to do this
on your system. The correct solution is to double up the backslashes,
as you did, but I'm at a loss as to how it was that you didn't have to
do this before.
> > According to Jason Scharlach:
> > > I'm trying to upgrade my htdig install to 3.1.6 to fix the security
> > > problems but there appear to be a inconsistancy with how they handle
> > > result templates. The result templates (from 3.1.5) contain a good deal
> > > of javascript, with quite a few escaped quotes, like so:
> > >
> > > document.write('<area shape="rect" coords="0,43,178,57"
> > > href="javascript:openWindow(\'/pub/west/tools/rate_start.html\')">');
> > >
> > > However, in 3.1.6 these pages throw off javascript errors. I've poked
> > > around a bit and it appears as though 3.1.6 is tossing away the \ hence
> > > causing problems. I can remedy the problem by adding an additional \ so
> > > the above line becomes:
> > >
> > > document.write('<area shape="rect" coords="0,43,178,57"
> > > href="javascript:openWindow(\\'/pub/west/tools/rate_start.html\\')">');
> > >
> > > Why did this change? What's the deal?
--
Gilles R. Detillieux E-mail: <[EMAIL PROTECTED]>
Spinal Cord Research Centre WWW: http://www.scrc.umanitoba.ca/~grdetil
Dept. Physiology, U. of Manitoba Phone: (204)789-3766
Winnipeg, MB R3E 3J7 (Canada) Fax: (204)789-3930
_______________________________________________
htdig-general mailing list <[EMAIL PROTECTED]>
To unsubscribe, send a message to <[EMAIL PROTECTED]> with a
subject of unsubscribe
FAQ: http://htdig.sourceforge.net/FAQ.html
