Re: [Lift] Helpers.bind question

Tue, 09 Feb 2010 11:31:21 -0800 

On Tue, Feb 9, 2010 at 10:00 AM, GA <my_li...@me.com> wrote:

> Hello guys,
>
> I have a very silly question. I have a snippet that reads a string field
> from the database and it inserts it within a html page.
>
> So far so good. The text that the snippet reads from the database is a
> piece of html code. The problem is that the bind method replaces the "<" and
> ">" within the string with "&lt;" and "&gt;". The snippet looks like that:
>
> if (context != "") {
>             ContextHelp.findByKey(context.toLong) match {
>                 case Full(help) => {
>                         val message = help.contextHelp
>                         Helpers.bind("b", in, "text" ->  message.toString)
>                 }
>                 case _ => Helpers.bind("b", in, "text" -> "Context not
> found")
>             }
>         } else Helpers.bind("b", in, "text" -> "The URL is invalid. ")
>
>
> The HTML that calls the snippet looks like this:
>
> <lift:LoadHelp.getHelp>
> <b:text/>
> </lift:LoadHelp.getHelp>
>
> What should I do to get the html content without changes in the tags?
>

It is not Helpers.bind() that's transforming the text.  It's the XML
libraries that properly XML escape Text() elements when they are converted
from XML representation to a byte stream.

In almost every context, this is what you want... you want Strings to be
properly escaped.  If that was not the case, there would be tons of cross
site scripting issues.

So, what is the type of "message" in the code above?  Do you really, really,
really mean for the String representation of message to be not XML escaped?


>
> Thanks in advance,
>
> GA
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Lift" group.
> To post to this group, send email to lift...@googlegroups.com.
> To unsubscribe from this group, send email to
> liftweb+unsubscr...@googlegroups.com<liftweb%2bunsubscr...@googlegroups.com>
> .
> For more options, visit this group at
> http://groups.google.com/group/liftweb?hl=en.
>



-- 
Lift, the simply functional web framework http://liftweb.net
Beginning Scala http://www.apress.com/book/view/1430219890
Follow me: http://twitter.com/dpp
Surf the harmonics

-- 
You received this message because you are subscribed to the Google Groups 
"Lift" group.
To post to this group, send email to lift...@googlegroups.com.
To unsubscribe from this group, send email to 
liftweb+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/liftweb?hl=en.

Reply via email to