-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 John,
Mississippi John Hurt wrote: > I notice if the quote is escaped as... \' > then it works fine, the problem is it will display wrong looking exactly > like above, so I have to escape it 2 different ways... Yeah, that's pretty much the deal. You want to do "javascript escaping", not "HTML escaping". That's often inconvenient. However, you know that the content will be going into the "onclick" attribute, which will always be javascript. You ought to be able to javascript-escape it first, then HTML escape it (to catch any of those pesky non-HTML characters you might want to display). > Using ' the default in most cases, but using the \' just for this > javascript workaround. > Is this correct, there's got to be a better way. I dont want to have 2 > versions of the same name (coming from the db). No, you're right: separate storage is a kludge and a mistake. On-the-fly escaping is the way to do it. You might have to write your own method in your JSP, or your own tool that lives in the application scope, or your own tag that does this kind of thing. Have you searched to see if there are appropriate tags that already exist? For instance, the Struts tags for dealing with validation might be a good place to start (which is what I was recommending at first). - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFcJXh9CaO5/Lv0PARAtVBAKCMHaZFvhcrEUpzruSkwiDleloXWgCgl62S 7AD5fvFrHESWPIv3N2eW2bo= =w3v2 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
