I have a web page that queries database dynamically to display data on the page, similar to database tool like Toad etc. (not even close of course :), example for illustration only).
The problem is data gets trimmed when displayed on the page. This is how I display data using JSF
<h:outputText value="#{record[columnIndex].toDisplayString()}" />
I believe it is about html rendering. What should I do? Write an html encoder? How? Help would be highly appreciated.
The <h:outputText> doesn't trim the value at all.
Perhaps you're talking about whitespace like leading/trailing spaces, tabs, newlines, carriage returns, etc in the value, which have by default totally no meaning in HTML markup. It just becomes part of the HTML source code, but not the HTML presentation. Newlines, for example, are in HTML to be represented by the <br> element, not by the \n character.
If you'd like to preserve the whitespace in a HTML element node as it is in the HTML source code, then you need to set the parent HTML element's CSS white-space property to pre in order to preserve it. If you'd like to wrap lines in block elements, then use pre-wrap.
E.g.
<h:outputText ... styleClass="preformatted" />
with
.preformatted {
white-space: pre-wrap;
}
An alternative is to convert the text to valid HTML markup yourself. E.g. replacing every occurrence of \n character by the <br/> string. You could use an EL function for this.
See also:
Component to inject and interpret String with HTML code into JSF page
Related
We're using the StripFilter property in our production systems:
com.liferay.portal.servlet.filters.strip.StripFilter=true
but on the most pages the markup isn't properly stripped (some parts like navigation has massive whitespaces, others like head are fine) or worst case the whole markup is not stripped!
Those non stripped pages have up to 20k lines of source code (mostly blank), which causes poor performance in browsers.
Mostly appears when pages requested as guest user, but this is not reproducible.
Also when we undeploy all webapps, this problem occurs.
How we can investigate this problem?
Is this a common issue?
If some part of the beginning of your page is actually stripped and the rest is not, then the filter tripped over your html. Maybe you have an error in your html code. Or the strip was simply too stupid.
Remember that you must (because of the filter) close input tags with a /> If you do not, the filter looks up the next /> and does not strip anything between!
Example
<input name="bla">
<p> hello world,
<br />
<span> you are </span>
beautiful. </p>
This will lead to the following output, because the closes the
<input name="bla">
<p> hello world,
<br /><span>you are</span> beautiful. </p>
I have a collect task in Sharepoint 2010 with a Enhanced Rich Text box. In the list it shows the p and div tags.
<div class="ExternalClass1458740DC98941C3A3589359A3017AAA"><p>Approved - Rev D</p></div>
This is the field where the text is coming from.
<td width="75%" class="ms-formbody" >
<SharePoint:FormField runat="server" id="ff3{$Pos}" ControlMode="Edit" FieldName="DocCtlAdmin_x0020_Comment1234567" __designer:bind="{ddwrt:DataBind('u',concat('ff3',$Pos),'Value','ValueChanged','ID',ddwrt:EscapeDelims(string(#ID)) , '#DocCtlAdmin_x0020_Comment1234567')}"/>
<SharePoint:FieldDescription runat="server" id="ff3description{$Pos}" FieldName="DocCtlAdmin_x0020_Comment1234567" ControlMode="Edit"/>
</td>
Any insight as to why or how to remove would be appreciated
Simple answer is: In your display view add disable-output-escaping="yes" to your XSL statement like so:
xsl:value-of select="#CMImplPlan" disable-output-escaping="yes"
This will remove character output escaping for HTML characters.
Issue is you are using RichHTMLField to get the input from your end users for this field. So sharepoint adds some HTML tag.
but
when you are displaying you are using FormField, which is text based, so it shows all the HTML tags also.
So solution is :
1. Use RichHTMLField for both input and display
2. Use FormField/ Simple textbox for both input and display
3. Write a custom control / control extender to clean all the HTML before outputting it
4. Also a less recommended solution will be to search this tags on page via jQuery and remove them.
What is the simplest way to replace quote characters with \" sequence inside string values?
That'll be the fn:replace() function.
<%#taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
...
${fn:replace(foo, '"', '\\"')}
Unrelated to the concrete question, this is an often recurring requirement in order to prevent malformed HTML when redisplaying user controlled input as a HTML attribute. Normally, you should use <c:out> or fn:escapeXml() for this instead. E.g.
<input name="foo" value="<c:out value="${param.foo}" />" />
<input name="foo" value="${fn:escapeXml(param.foo)}" />
It not only takes quotes into account, but also all other XML special characters like <, >, &, etc.
See also:
XSS prevention in JSP/Servlet web application
Use javascript replace (with /g to replace all occurrences)
string.replace(/"/g, '\\"')
Deceptively simple question, but I'm at my wits' end here.
I have a document. It contains a form. Which contains a subform. Which contains a read-only text field. Here's the relevant part of the structure:
<tr:document ...>
<tr:form ....>
<tr:subform ...>
<div ...><div ...>
<tr:panelGroupLayout>
<tr:panelFormLayout>
<tr:inputText id="selectedAmount"
label="#{...}"
value="#{...}"
disabled="true" />
</tr:panelFormLayout>
</tr:panelGroupLayout>
</div></div>
</tr:subform>
</tr:form>
</tr:document>
(none of the attributes on the ... are setting style information.)
Why is it that MyFaces produces for the innermost element a div rather than input type="text"? I've seen forms with (apparently) this exact same structure that didn't have this problem.
The reason why this is silly and unacceptable is because the div, when empty, doesn't show as a box but as a single line (the border collapses since there is no content and no height style). Manually setting a height via css isn't acceptable either, because the font may vary from computer to computer. I really just wanted it to always render an input tag.
Any ideas? Feel free to ask for details if you want to confirm any suspicion. There's too many data for me to just dump everything in here.
I am getting issue somthing h:outputText and h:inputText both are displaying values but they are collapse the multiple whitespaces into single white space
for that i tried with style="white-space:pre" but it also not working
so i am adding in between strings
String str="hi & nbsp jsf" and
while displaying it shows in input text box with value "hi & nbsp ;jsf" not "hi jsf" So, what should i have to do so that that it will display without "& nbsp;"
actually i have put that space between & nbsp; because here it will replaceing with white space
I don't want with escape="false" for displaying because at some place i need h:inputText. In h:inputText there is no option for escape attribute
any other permanent solution for white Space Issue
You need to use the code of nbsp, because nbsp is not an entity automatically declared like in html pages.
The code is 160, so you can use .
Alternatively, you can declare an entity at the top of your page like this:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"
[<!ENTITY nbsp " ">]>
and you are free to use