Hi Sharpy, I suspect using similar techniques to the prevention of sql injection as so on would be needed here. i.e., the string should be encoded / deencoded before being passed to or read from localizedValueForKey.
cheers, Lachlan > On 16 Feb 2016, at 9:16 PM, [email protected] wrote: > > Hello list, > > I’ve been using ERXLocalizedString for render time localisation support. > > It recently fell over when an EO attribute value was bound starting with the > character '@'. > > The KVC support in ERXLocalizer.localizedValueForKey identifies my String as > containing the _localizerMethodIndicatorCharacter char ('@') at index > position 0. Since my string (eg "@tester") is not one of the > NSArray.operatorNames() values it throws InvocationTargetException for > ERXLocalizer.tester() > > For now I'm wrapping my attribute value in my component class and returning > the value of ERXStringUtilities.localizedStringForKey which bypasses > ERXLocalizer and calls > WOApplication.application().resourceManager().stringForKey( key, > "Localizable", key, framework, languages) directly. > > I do enjoy the convenience of ERXLocalizedString though. I'm thinking of > perhaps adding a binding to indicate that I don't require keypath resoltion, > and it could just call ERXStringUtilities.localizedStringForKey > > Any other suggestions? > > Thanks, > > Sharpy.. > _______________________________________________ > Do not post admin requests to the list. They will be ignored. > Webobjects-dev mailing list ([email protected]) > Help/Unsubscribe/Update your Subscription: > https://lists.apple.com/mailman/options/webobjects-dev/lachlan.deck%40gmail.com > > This email sent to [email protected] _______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to [email protected]
