[Seaside] escaped html
Julian Fitzell
julian at beta4.com
Fri Jun 20 09:33:49 CEST 2003
Ragnar Hojland Espinosa wrote:
> I've just found out that
>
> html text: 'foo'.
>
> does not escape text, and that you have to
>
> html text: 'foo' asHtml.
>
> So I added a little html textEscaped: , but then I came upon things like
>
> html anchorWithAction:text:
>
> Is there a reason for seaside not escaping the strings by default, as
> it happened with seaEscapeHtml in 0.94b? Or am I missing something?
>
I assume you mean encoded with html entities? If so, there is already
#encodedText:
#anchorWithAction:text: and similar don't encode the text because
otherwise there is no way to give it HTML directly. But if it proves
that giving text, not html, is the more common case, we may want to
change it.
Gotta run to work,
Julian
--
julian at beta4.com
Beta4 Productions (http://www.beta4.com)
More information about the Seaside
mailing list