Cart
|
[XSL-LIST Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] RE: disable-output-escaping
 On Mon, 1 Jul 2002, CROFT, MICHAEL wrote:
> The & is a character that could be entered by the user, I have no control
> over what they enter. It is a dynamic process. I need to tell the XML
> parser to treat any text entered by the user as text.
Ok. Then what you have is a _data entry_ issue, not an _output_ issue.
There are a largish number of character 'values' that could be entered by
a user that will render your XML _syntactically_ invalid. So, you _MUST_
have a 'prefilter' on your storage system to escape all characters that
must be escaped (&, ', " and < would be good candidates) and _removes_ all
characters that are flat illegal. You will need to consult the XML spec at
W3C for particulars. And don't forget character encoding issues - XML by
default uses UTF-8 - while many clients use either ISO8859-1 or whatever
their desktop default is under windows. Mixing encodings is a Bad Thing
(tm).
Otherwise, your best bet is to Base64 encode _all_ data entered by the
user for storage and post-process the base64 data back into the raw
output you want.
--
Benjamin Franz
The only way of discovering the limits of the possible is
to venture a little way past them into the impossible.
---Arthur C. Clarke
XSL-List info and archive: http://www.mulberrytech.com/xsl/xsl-list
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! 
Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|
