Using Struts2, my goal is to present a simple blog to a user using Struts2 iterators, such as:
Most Recent Topic
response 1
response 2
...
Previous Topic
response 1
response 2
...
Users generate and submit each Topic/Response using a separate form, but, once submitted, I don't want them to edit the blog.
To generate either a Topic or a Response, I provide an editor (like the stackoverflow editor I'm using now) that produces html-formatted text, including whatever styling (bold, underlines, lists, etc.) that the user chooses. The text of the Topic/Response created by the user, including the html tags, is stored in a database.
However, I cannot find a way to render the Topic/Response as html in the blog. For example, text bolded in the editor shows up as <strong>text</strong> in a struts2 s:textarea tag.
I know that the s:property tag has an 'escapeHtml' attribute that will prevent this, but the s:property tag can't layout the text properly, and it seems that only the s:property tag has this attribute.
I've tried using <input value="%{#topic.content}" /> within the iterator instead of s:textarea, but it doesn't seem to recognize the #topic iteration reference.
Is there a way to do this?
use text instated of tax area .Let me know if you still facing this issue.
Use escapeHtml="false". I just tried it myself and it works as intended.
For example, with:
<s:set var="var1"><p>some stuff</p><p>other stuff</p></s:set>
<s:property value="var1" escapeHtml="false" />
renders the paragraph tags as you would expect.
How about using <pre> with <s:property>.
About html <pre> tag:
http://www.w3schools.com/tags/tag_pre.asp
Related
I'm new on ModX. I've created a template variable to input custom HTML into my page. I choose Rich Text as input type for this template variable.
On the other hand, my HTML contains some meta tag like <meta itemprop="name" content="myname"> tag with schema ( some custom attributes like <div class="review" itemprop="review" itemscope="" itemtype="http://schema.org/Review"> )
So when I submit this data into page through template variable, I don't see that meta tag and custom attributes like itemprop, itemscope or script tag. They are removed or ignored by the editor.
Can someone tell me that how can I get rid from these issue? I will be great full for the help. Thanks.
There are two possible ways at least:
1) use textarea TV type instead rich text
2) it depends on your WYSIWYG editor, they allow you to exclude (not cut) the specified tags from processing
So I want to be able to add links in the body of a post (and not show it as plaintext). However, I do not want to allow any other HTML tags. Right now I have:
sanitize #post.body, tags: %w(a), attributes: %w(href)
but this does not seem to work.
I've also tried
simple_format(#post.body).gsub(URI.regexp, '\0').html_safe
but that allows other HTML tags, which I do not want.
Any ideas how to fix this? Thanks!
Ruby/Rails will not just identify a link in a string because it has http or www somwhere in it. Assuming you are getting the body of #post via a form, you need to wrap the input in some kind of WYSIWYG editor such as tinymce. Then, if the WYSIWYG editor saves the serialized input:
click to see this link about google.ca
to the database, you can whitelist the <a> tag and href attribute so it actually generates a link
Ended up using the auto_link gem: auto_link(#comment.body)
I have a string with basic html markup which I want to put into a rich textbox
string ab = #"<b> a b </b>"
I want it to render as it would appear in a browser ie:
a b
how can I do this in active reports 7? According to http://www.datadynamics.com/forums/77664/ShowPost.aspx, a richtextbox supports these tags. Do I have to specify a property to allow it to render html? How should I approach this?
Thanks,
Sam
More information (Update 8/11):
I'm binding the data from a database field - an oracle nclob. The field repeats within the detail section (with different information each time).
If I bind the field directly to a textbox or label it renders the string, but doesnt encode the html
<b> a b </b>
but it encode the string.
Solution Summary
Solution (as suggested by #activescott)
Bind rtx directly to the datafield
'Reformat' the text into html in
the script
public void detail_Format()
{
rtxBox.Html = rtxBox.Text;
}
result: renders the html field with some degree of html formatting
notes:
binding directly in the script doesnt work,
ie. rtxBox.Html = pt.Fields["CONT_ID"].ToString(); yields some wierd meta data string
the Datafield only binding approach doesn't work
(it will yield it as text)
there are some extra spacing that occurs with p tags. It may be worth regexing them out or somehow providing some formatting control.
The actual property you are looking for is the Html Property. You can also load a file into that control using the step-by-step walkthrough here.
I am assuming you are using Section Reports and not Page Reports.
To use HTML from the database in a bound report, you should be able to use the DataField property of the RichTextBox control (set it to the name of the corresponding Data field at design time). However, I noticed this "Render HTML tags in DB in ActiveReport pdf or HTML" article which kind of implies that doesn't work since it loads the HTML from a database programatically. One of the two should work.
With a grails app and from a local database, I'm returning some text in a xml format.
I can return it well formed in a <textarea></textarea> tag with the correct indenting (tabulation, line return,...etc.)
I want to go a bit further. In the text I'm returning, there are some <img/> tags and I'd like to replace those tag by the real images themselves.
I searched around and found no solution as of now. I understood that you can't add an image to a textarea (other then in a background), and if I choose a div tag, I won't have the indenting anymore (and therefore, harder to read)
I was wondering if using a <g:textField/> or an other tag from the grails library will do the trick. And if so, How can I append them to a page using jquery.
For example, how to append a <g:textField/> in jquery. It doesn't interpret it and I get this error
SyntaxError: missing ) after argument list [Break On This Error]...+doc).append("<input type="text" id="FTMAP_"+nb_sec+"" ...
And in my javascript file, I have
$("#FTM_"+doc).append("<g:textField id='FTMAP_"+nb_sec+"' ... />
Any possible solutions ?
EDIT
I did forget to mention that my final intentions are to be able to modify the text (tags included) and to have a nice and neat indentation so that it is the easiest possible for the end user.
You are asking a few different questions:
1. Can I use a single HTML tag to include images inside pre-formatted text.
No. You will have to parse the text and translate it into styled text yourself.
2. Is there a tag in the grails standard tags to accomplish this for me?
No.
3. How can I add grails tags from my javascript code.
Grails tags are processed on the server-side, and javascript is processed on the client. This means you cannot directly add grails tags via javascript.
There are a couple methods that can accomplish the same result, however:
You can set a javascript variable to the rendered content of a grails tag. This solution is good for data that is known at the time of the initial request.
var tagOutput = "${g.textField(/* etc */)}";
You can make an ajax request for the content to be added. Then your server-side grails code can render the tags you need. This is better for realtime data, or data that will be updated more than once on a single rendered page.
I am using FckEditor in Create.aspx page in asp.net mvc application.
Since I need to show rich text in web pages, I used ValidateInput(false) attribute top of action method in controller class.
And I used Html.Encode(Model.Message) in Details.aspx to protect user's attack.
But, I had result what I did not want as following :
<p> Hello </p>
I wanted following result not above :
Hello
How can I show the text what user input?
Thanks in advance
The short answer is that HTMLEncode is making your markup show like that. If you don't HTMLEncode, it will do what you want.
You need to think about whether or not you need full control of markup, who is entering the markup, and if an alternative like BBCode is an option.
If your users using the editor are all sure to be 'safe' users, then XSS isn't likely to be as much a concern. However, if you are using this on a comment field, then BBCode, or something like SO itself uses is more appropriate.
You wont be able to use a WYSIWYG editor and do HTMLEncode though... (without BBCode, or some other token system)
It seems the user entered "<p> Hello </p>" (due to pressing Enter?) into the edit control, and it is displaying correct in the HTML as you have done an Html.Encode. E.g. the paragrahs are not rendered, they are outputted as "<p>..</p>" as the string is HTML encoded into something like "<p> Hello <p>".
If you do not want tags, I would suggest searching the text string for tags (things with <...>) and removing them from the inputted text. Do this before HTML.Encode.
...or am I missing something?
You can use HttpServerUtility.HtmlEncode(String)