
Thread: pebble: not enough escaping for Atom feeds




pebble: not enough <c:out …/> escaping for Atom feeds
user name
2007-02-21 19:18:57
An ampersand in a comment title invalidates the "responses" atom feed.

Change the following in WEB-INF/xml/feeds/responses/atom.xml:
WRONG: <title>${aResponse.title}</title>
RIGHT: <title><c:out value='${aResponse.title}'/></title>

Some other values also need this escaping (e.g. ${blogEntry.title}).
Others are probably ok as is (e.g. ${blogEntry.user.name}, ${blog.author}), but escaping would be safer.
Not sure about ${blogEntry.truncatedContent}.

New WEB-INF/xml/feeds/responses/atom.xml file:
<atom.xml>
Differences from pebble 2.0.1 file:
<resp_atom_diff.txt>

[Running Pebble 2.0.2 JAR, but mostly 2.0.1 files]

P.S. the escapeXml attribute on <c:out/> elements defaults to true so it’s unnecessary to include escapeXml="true". Some do, some don’t.
_______________________________________________
Pebble-user mailing list
Pebble-userlists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/pebble-user
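
Added example, not part of the original post or of Pebble's code: a Python check that lists values a JSP-style feed template writes without <c:out> escaping (bare EL in template text, or <c:out> with escapeXml="false"), and confirms with an XML parser that a raw "Q&A" title breaks the feed while the escaped form parses. The sample template and the ${responses} name are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

# Constructed template in the style of the post's WRONG/RIGHT lines; ${responses} is assumed.
TEMPLATE = """<feed xmlns="http://www.w3.org/2005/Atom">
<c:forEach var="aResponse" items="${responses}">
  <entry>
    <title>${aResponse.title}</title>
    <summary><c:out
      value='${blogEntry.title}'/></summary>
    <author><name><c:out value="${blog.author}" escapeXml="false"/></name></author>
  </entry>
</c:forEach>
</feed>"""

# Simplification: a tag ends at the first '>', so EL containing '>' is not handled.
C_TAG = re.compile(r"<c:[^>]*>")
RAW_OUT = re.compile(r"<c:out\b[^>]*escapeXml\s*=\s*['\"]false['\"][^>]*>")
EL = re.compile(r"\$\{[^}]*\}")

def _line_of(text, offset):
    return text.count("\n", 0, offset) + 1

def unescaped_outputs(template):
    """Return sorted (line, text) pairs for values written to the feed unescaped."""
    # Blank out JSTL core tags (keeping newlines) so only EL in template text remains.
    text_only = C_TAG.sub(lambda m: re.sub(r"[^\n]", " ", m.group(0)), template)
    hits = [(_line_of(template, m.start()), m.group(0)) for m in EL.finditer(text_only)]
    hits += [(_line_of(template, m.start()), m.group(0)) for m in RAW_OUT.finditer(template)]
    return sorted(hits)

def render_title(value, escaped):
    """Produce the <title> line as the WRONG (raw) or RIGHT (<c:out>) form would."""
    # escape() handles &, < and >; the map adds the two quote characters <c:out> also escapes.
    body = escape(value, {"'": "&#039;", '"': "&#034;"}) if escaped else value
    return "<title>" + body + "</title>"

def is_well_formed(xml_text):
    try:
        ET.fromstring(xml_text)
        return True
    except ET.ParseError:
        return False

if __name__ == "__main__":
    for line, text in unescaped_outputs(TEMPLATE):
        print("line %d: %s" % (line, text))
    for escaped in (False, True):
        xml_text = render_title("Q&A", escaped)
        print(xml_text, "->", "well-formed" if is_well_formed(xml_text) else "parse error")
```
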


  
  