[Catalyst] possibly OT: FillForm escape problem

Phil Mitchell seasprocket at gmail.com
Mon Sep 12 18:26:53 CEST 2005 

On 9/12/05, Hartmaier Alexander <Alexander.Hartmaier at t-systems.at> wrote:
> It just differs between multivalue selects and dropdown selects.
> How did you disable the escaping, maybe that is enough for me too.

Well, I hacked H::FIF ...

sub escapeHTMLStringOrList {
  my ($self, $toencode) = @_;

  # CHANGED TO NO-OP BC WE DO OUR OWN ESCAPING OF ALL PARAMS
  return $toencode;

  if (ref($toencode) eq 'ARRAY') {
    foreach my $elem (@$toencode) {
      $elem = $self->escapeHTML($elem);
    }
    return $toencode;
  } else {
    return $self->escapeHTML($toencode);
  }
}


> 
> -Alex
> 
> 
> > -----Ursprüngliche Nachricht-----
> > Von: catalyst-bounces at lists.rawmode.org [mailto:catalyst-
> > bounces at lists.rawmode.org] Im Auftrag von Phil Mitchell
> > Gesendet: Montag, 12. September 2005 14:08
> > An: The elegant MVC web framework
> > Betreff: Re: [Catalyst] possibly OT: FillForm escape problem
> >
> > On 9/12/05, Hartmaier Alexander <Alexander.Hartmaier at t-systems.at>
> > wrote:
> > > Hi!
> > > I've got exactly the same error but didn't look into it right now.
> > > I sent the author already a patch to differ between multivalue selects
> > and
> > > dropdown fields but he didn't answer...
> >
> > I'll send him a note also. Does your patch handle any multivalue param
> > or only select fields? Anyway I decided that the best solution for me
> > is to disable H::FIF escaping entirely, bc I want to handle it in my
> > own code...
> >
> > >
> > > -Alex
> > >
> > >
> > > > -----Ursprüngliche Nachricht-----
> > > > Von: catalyst-bounces at lists.rawmode.org [mailto:catalyst-
> > > > bounces at lists.rawmode.org] Im Auftrag von Phil Mitchell
> > > > Gesendet: Freitag, 9. September 2005 21:48
> > > > An: The elegant MVC web framework
> > > > Betreff: [Catalyst] possibly OT: FillForm escape problem
> > > >
> > > > Strictly speaking, this is a problem with HTML::FillInForm, but
> > since
> > > > a core cat plugin is based on it, I thought it might be worth
> > > > mentioning this.
> > > >
> > > > I have a multi-valued request param that has data that must be
> > > > escaped. For single-valued params, H:FIF escapes the data fine. But
> > > > for multivalued params, $param->[0] gets escaped once, $param->[1],
> > > > twice, $param->[2] three times, etc. I guess this is a side effect
> > of
> > > > using HTML::Parser, but I haven't investigated it. The result is
> > data
> > > > that looks like: &amp;amp;amp;lt;
> > > >
> > > > Is this a known bug or am I being completely stupid?
> > > >
> > > >
> > > > --
> > > > ==========================
> > > > 2People Blog: http://2-people.blogspot.com/
> > > > 2People site: http://www.2people.org
> > > >
> > > > _______________________________________________
> > > > Catalyst mailing list
> > > > Catalyst at lists.rawmode.org
> > > > http://lists.rawmode.org/mailman/listinfo/catalyst
> > >
> > >
> > > _______________________________________________
> > > Catalyst mailing list
> > > Catalyst at lists.rawmode.org
> > > http://lists.rawmode.org/mailman/listinfo/catalyst
> > >
> > >
> > >
> > >
> >
> >
> > --
> > ==========================
> > 2People Blog: http://2-people.blogspot.com/
> > 2People site: http://www.2people.org
> >
> > _______________________________________________
> > Catalyst mailing list
> > Catalyst at lists.rawmode.org
> > http://lists.rawmode.org/mailman/listinfo/catalyst
> 
> 
> _______________________________________________
> Catalyst mailing list
> Catalyst at lists.rawmode.org
> http://lists.rawmode.org/mailman/listinfo/catalyst
> 
> 
> 
> 


-- 
==========================
2People Blog: http://2-people.blogspot.com/
2People site: http://www.2people.org

More information about the Catalyst mailing list