Using the Grails internationalization messages.properties I'm trying to create a multi-line message, but cannot seem to find a way to create a new line without using the <br> element, and I'd prefer to keep presentation logic out of the message. I've tried using "\n" but that doesn't get rendered.
I know I can use multiple messages "message.1=...", "message.2=...", but that doesn't seem as clean either.
Here's what I'd like to be able to do:
messages.properties
helptext=First Line\nSecond Line\nThird Line
page.gsp
<g.message code="helptext"/>
result:
First Line
Second Line
Third Line
Everything I've found either says to use <br> element, or do a replaceAll on \n, but I was hoping to not have to use extra processing to handle this.
I think you have to use <br> in the message directly.
//messages.properties
helptext=First Line<br>Second Line<br>Third Line
//Gsp
<p><g:message code="helptext"/><p>
\ gives the ability to break the line in the properties file but renders as a single line in view.
For me (i18n message properties in Grails 2.0 project) worked following line:
property = Line1\\nLine2\\nLine3
HTML tag BR worked also fine if displayed on HTML page, but was not any good for me, because I in my case this text needed to be a text string not HTML.
You could write a custom tag that converts \n into br tags as well. It would just need to call the messageSource bean and parse the results. Thus your messages would not have to be HTML-specific
Related
I have a helper method that returns a string after formatting it, which includes adding line breaks.
I am calling this helper method in a view and am trying to display this formatted string.
I am using "\n" or "\r\n" to introduce line breaks, but this shows up as mere spaces in the browser.
You should use <br> or create it like tag('br'):
your_string = "test string" + tag('br')
your_string.html_safe #return your string
As #max rightly pointed, from a security vulnerability (XSS) aspect you can use h() on user-provided text, which converts your string to a safe string and allows you to securely call html_safe on the full string.
One mistake i made was using raw(string) in the helper method instead of using it in view and it still was shown as 'smth smth' so be aware of that.
My code looked something like this
td= helper_method()
And when I changed it to the following it worked:
td= raw(helper_method())
This should probably be easier than it is. I just want to put a link inside an HTML paragraph element.
%p{class: "answer"}="Please upload your data to this portal in text (tab-separated) format. Download our template #{raw(link_to 'here', '/templates/upload_template.xlsx')} for sample data and a description of each column."
Rails is encoding the tag information. I don't want tags to be encoded. I want them to be tags.
You can use more than one line inside any block, to solve your problem we will have something like this:
%p{class: "answer"}
Please upload your data to this portal in text (tab-separated) format. Download our template
= link_to 'here', '/templates/upload_template.xlsx'
for sample data and a description of each column."
You can use interpolation directly in Haml, and doing this seems to fix the issue in this case.
So instead of doing this:
%p= "Text with #{something_interpolated} in it."
you can just do
%p Text with #{something_interpolated} in it.
i.e. you don’t need the = or the quotes, since you are just adding a single string. You shouldn’t need to use raw either.
(Also, note you can do %p.answer to set the class attribute, which may be cleaner if the value isn’t being set dynamically.)
Why this is being escaped here is a different matter. I would have expected the two cases (%p= "#{foo}" and %p #{foo}) to behave the same way. However, after a bit of research, this behaviour seems to match how Rails behaves with Erb.
I am passing to my partial a form instance and an additional object. What I want is to display to the end user entered content preserving such simbols as \r \n \t etc. How can I achieve that? Tried to get raw values of the form or object, but no luck.
inputed text:
test is what I need. Some stuff like this shouldnt happen at all
------------------------------------------------------------------
Okay\t Test\r\n
1132\t 123\r\n
The problem with spaces is obvious, but how to preserve the example structure is the question.
The solution was quite simple. Wrapping the raw output in a <pre> tag helped in my case
I have the rails application which accepts the XML output from another application. For some condition the XML tage content come up with CSS code
For example :
<\/sample/> .headermenu{float:left;no-repeat right;font-size:0.75em; padding-bottom:3px}, #div{float:left} This is the test value from another site <\/sample/>
In my ruby application i have parse the XML content and display the content.
It start displaying CSS content like the above. I want to display strip the CSS code if exist in the content.
Is their any way . we can do this please help...
raw method might help you.It outputs data without escaping a string. Check here http://apidock.com/rails/ActionView/Helpers/RawOutputHelper/raw for more details.
I dont know if this is what you are looking for but you can try css parser by the way whenever you need a rails or ruby gem just search for it at rubygems
I am unsure of the best way to handle this. In my index view I display a message that is contained in TempData["message"]. This allows me to display certain error or informational messages to the user when coming from another action (for example, if a user tries to enter the Edit action when they don't have access, it kicks them back to the Index with a message of "You are not authorized to edit this data").
Prior to displaying the message, I run Html.Encode(TempData["message"]). However, I have recently come into the issue where for longer messages I want to be able to separate the lines out via line breaks (<br>). Unfortunately (and obviously), the <br> gets encoded by Html.Encode so it doesn't cause an actual line break.
How do I process line breaks correctly in Html Encoded strings?
The easiest solution I've seen is:
#MvcHtmlString.Create(Html.Encode(TempData["message"]).Replace(Environment.NewLine, "<br />"))
If you are using a razor view, you should not have to call Html.Encode normally. By default, Razor html encodes all output. From Scott Gu's blog introducing Razor:
By default content emitted using a # block is automatically HTML encoded to better protect against XSS attack scenarios.
I agree with #Roger's comment - there is not really any need to encode anything that you have total control over.
If you still wish to be better safe than sorry (which isn't a bad thing), you could use the Microsoft AntiXss library and use the .GetSafeHtmlFragment(input) method - see HTML Sanitization in Anti-XSS Library
e.g.
<%= AntiXss.GetSafeHtmlFragment(TempData["message"]) %>
FYI, the Microsoft Web Protection Library (A.K.A. Microsoft AntiXSS Library) developers seem to have broken the assembly and pulled all previous versions that were working. It is no longer a viable solution in its current state. I was looking at it as a solution for this problem before reading the comments. All 18 of the current ratings for the latest release are negative and complain about it being broken with no updates from the developers so I didn't even try it.
I went with #ICodeForCoffee's solution since I'm using Razor. It is simple and seems to work quite well. I needed to take potentially lengthy descriptions with line breaks and format them so the line breaks would come through in the page.
Just for completeness, here's the code I used which is #ICodeForCoffee's code modified to use the description field of the view's model:
#MvcHtmlString.Create(Html.Encode(Model.Description).Replace(Environment.NewLine, "<br />"))
"Process" the message in the controller:
HTMLEncode the message
Insert the line break tags
Add message to the TempData collection.
Try this:
StringBuilder sb = new StringBuilder();
foreach(string message in messages)
{
sb.Append(string.Format("{0}<br />", Server.HtmlEncode(message));
}
TempData["message"] = sb.ToString();