I was provided some documentation in SGML format. Not being familiar with the format I searched the web to find a suitable viewer but cant seem to locate one. Is there such a thing as a modern SGML viewer?
There is no such thing as an SGML viewer, because SGML is not a "document format" (or "document type") that could be visually displayed.
SGML is a language that is used to describe a document type.
You need to look for a "viewer" for your specific document type, and not for SGML.
SGML document types
You need to find out which document type your SGML file uses, and then find a viewer for that document type. You can see which document type your SGML file uses at the very top of the SGML file, where it says <!DOCTYPE .... E.g for a file that uses the document type XHTML it looks like this:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" []>
Document types described using SGML might be:
ATA iSpec 2200 AMM
CMM (Component Maintenance Manual)
HTML4
...
(SGML document types are described by "document type definitions" (DTD).)
Viewers / Editors
Of course, for HTML the "viewer" would be a web browser.
For other formats, the "viewer" (or "editor") will often be some kind of custom software, such as Arbortext Editor with custom extensions, or custom scripts or software that converts this specific document type into e.g. PDF. There is usually some kind of "styling file" involved, like CSS or FOSI, which describes how each element should be formatted and layouted.
Sometimes, the SGML files are not meant to be displayed as a whole at all, but are used to store data or transfer data between data bases and other software, which might only display small portions of the data at once.
Related
I'm on Evolus Pencil Project 3.1.0 on Linux 64x.
Both elements seem to be exactly the same?
I thought that "HTML text" could allow you to type directly with HTML tag, contrary to Richtext, but if it's not the case.
(For example, if I type in the HTML text box:
look to this link, it doesn't appear as a link)
Is there any HTML sanitizer or cleanup methods available in any JSF utilities kit or libraries like PrimeFaces/OmniFaces?
I need to sanitize HTML input by user via p:editor and display safe HTML output using escape="true", following the stackexchange style. Before displaying the HTML I'm thinking to store sanitized input data to the database, so that it is ready to safe use with escape="true" and XSS is not a danger.
In order to achieve that, you basically need a standalone HTML parser. HTML parsing is rather complex and the task and responsibility of that is beyond the scope of JSF, PrimeFaces and OmniFaces. You're supposed to just grab one of the many existing HTML parsing libraries.
An example is Jsoup, it has even a separate method for the particular purpose of sanitizing HTML against a Safelist: Jsoup#clean(). For example, if you want to allow some basic HTML without images, use Safelist.basic():
String sanitizedHtml = Jsoup.clean(rawHtml, Safelist.basic());
A completely different alternative is to use a specific text formatting syntax, such as Markdown (which is also used here). Basically all of those parsers also sanitize HTML under the covers. An example is CommonMark. Perhaps this is what you actually meant when you said "stackexchange style".
As to saving in DB, you'd better save both the raw and parsed forms in 2 separate text columns. The raw form should be redisplayed during editing. The parsed form should be updated in background when the raw form has been edited. During display, obviously only show the parsed form with escape="false".
See also:
Markdown or HTML
Is there any HTML sanitizer or cleanup methods available in any JSF utilities kit or libraries like PrimeFaces/OmniFaces?
I need to sanitize HTML input by user via p:editor and display safe HTML output using escape="true", following the stackexchange style. Before displaying the HTML I'm thinking to store sanitized input data to the database, so that it is ready to safe use with escape="true" and XSS is not a danger.
In order to achieve that, you basically need a standalone HTML parser. HTML parsing is rather complex and the task and responsibility of that is beyond the scope of JSF, PrimeFaces and OmniFaces. You're supposed to just grab one of the many existing HTML parsing libraries.
An example is Jsoup, it has even a separate method for the particular purpose of sanitizing HTML against a Safelist: Jsoup#clean(). For example, if you want to allow some basic HTML without images, use Safelist.basic():
String sanitizedHtml = Jsoup.clean(rawHtml, Safelist.basic());
A completely different alternative is to use a specific text formatting syntax, such as Markdown (which is also used here). Basically all of those parsers also sanitize HTML under the covers. An example is CommonMark. Perhaps this is what you actually meant when you said "stackexchange style".
As to saving in DB, you'd better save both the raw and parsed forms in 2 separate text columns. The raw form should be redisplayed during editing. The parsed form should be updated in background when the raw form has been edited. During display, obviously only show the parsed form with escape="false".
See also:
Markdown or HTML
I have just installed lotus designer 9, and I created a new project with a notebook template. Now I am looking through forms, views, pages etc. and I can see all the controls, at the bottom I have so-called 'programmers pane', but if I wanted to put some of my own html, or adjust a little bit the existing one, I cannot.
So my question is - how do I enable html view? When I open a form, and go to View, I can see that there is an option HTML Editor, but it is grayed out, what am I missing?
HTML is not the storage format for forms, behind the scenes. Forms are stored in a proprietary rich text format, and conversion between that and HTML is not exact. So there is no "HTML view" of a Notes form.
You can type HTML text onto the form, highlight it, and designate it as "pass-thru" (Menu 'Text > Pass-Thru HTML'). If accessed via the web, the exact HTML you enter here will be included in the HTML sent to the browser. The Notes client will also convert pass-thru HTML to Notes rich text for display, provided this option has been enabled in the form properties.
Once a browser gets the main html page, how does it know which are the embedded content should be request again from web server, and which are only external links? Is it based on type of tags, e.g ?
If so, could someone give me a reference of what these tags are?
Thanks.
The HTML5 spec defines the element category "Embedded content":
Embedded content is content that imports another resource into the document, or content from another vocabulary that is inserted into the document.
It lists the following elements:
audio
canvas
embed
iframe
img
math
object
svg
video
Elements like link or script (both in Metadata category) can also refer to other ressources that user-agents (browsers, screen-readers, …) are free to link to or include or do whatever they want to do with it. For example, browsers like Firefox or Chromium will (by default) load and "apply" CSS that is linked within the link element, that has the rel value = stylesheet. Browsers like Lynx or w3m won't do that. They simply ignore that link.
For link, HTML5 states which link types "are links to resources that are to be used to augment the current document, generally automatically processed by the user agent":
Two categories of links can be created using the link element: Links to external resources and hyperlinks. The link types section defines whether a particular link type is an external resource or a hyperlink.
Maybe also consider the style attribute (for inline CSS), which could include a background-image url.
Yes, the tags help browser identify the resources to load. After downloading/retrieving the content the browser determines what to do with the content based on the content-type header in the response.