Announcement

Collapse
No announcement yet.

Javascript and Html Escaping

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Javascript and Html Escaping

    Hi,

    We offer a service that involves our partners inserting javascript in their site. The javascript needs to contain some product information (e.g. model and manufacturer). One particular partner having problems with our service is using Actinic v7 (hence the post here). The javascript is being html escaped which means we are being sent incorrect data. I found one topic (in these forums) about html escaping in actinic that suggests using !!< and >!! around the html tags. Unfortunately, this doesn't seem to have worked (the actinic escape tags are appearing on the page and the javascript is still being escaped). I'm guessing that the partner is placing the javascript in a template that is not being rendered by actinic, or that the escape tags I'm using are incorrect. Can anyone suggest how I should solve this problem?

    Any help would be greatly appreciated.

    Cheers,

    Chris

    #2
    The HTML escaping used in Actinic is !!< and >!! as you found. However, this should only be used in text entered into the Actinic application (and stored in the database). To add javascript to the templates, just add it as normal - the templates are HTML.


    Alan Compton
    www.greenknightgames.co.uk
    Great board games and cards games you won't find in the High Street
    http://www.greenknightgames.co.uk/ac...iftTRAP_2.html
    Think you know what your friends and family want for Christmas?
    Play GiftTRAP - the ideal Christmas party game - and find out!

    Comment


      #3
      Sorry Alan, the !!< and >!! are HTML marker which identify to Actinic that enclosed code is to be parsed as HTML when the page is built on the desktop.

      The escape sequences used in Actinic is standard w3c - a visit to w3c schools website will provide more detail.
      Bill
      www.egyptianwonders.co.uk
      Text directoryWorldwide Actinic(TM) shops
      BC Ness Solutions Support services, custom software
      Registered Microsoft™ Partner (ISV)
      VoIP UK: 0131 208 0605
      Located: Alexandria, EGYPT

      Comment


        #4
        Is this not a problem as you are trying to include JavaScript into the "body" section, rather than the "head" section. To include JS into a template it needs to be in the head part of the template, so embedding within actinic is not going to work.

        One the pages you require this JavaScript can you not have an import within the head tag, that grabs the file from its location on your server?

        This file (as external) will be available to any pages and can be updated externally and outside of Actinic.

        Or am i misreading the OP.

        Comment


          #5
          Actinic tends to replace special characters like "&" with &#38;#38; type entities. All you need to do is add some JavaScript that restores these characters. E.g.


          text = 'Nice &#38;#38; easy';
          text = text.replace(/&#(\d+);/g, function(m,s){return String.fromCharCode(s - 0)});
          Norman - www.drillpine.biz
          Edinburgh, U K / Bitez, Turkey

          Comment


            #6
            Thanks for the responses so far guys.

            I am indeed trying to insert some javascript in the body of the product page. The javascript needs to include the product details from actinic. I need to have something like this contrived example:

            <script type="text/javascript">
            product_name='ACTINIC_PRODUCT_NAME';
            </script>

            The problem occurs when ACTINIC_PRODUCT_NAME contains characters (e.g. a hyphen) that are html escaped by actinic (in this case the hyphen becomes &#45 ; - without the space). I need to be able to tell actinic not to html escape this data. I've tried adding the !<< and >>! tags around the <script> and </script> tags to no avail.

            Unfortunately I have no experience of actinic and have no access to a copy so am flying blind. As before, any help is much appreciated.

            Chris

            Comment


              #7
              I posted just above yours how to do this. I had to edit it a few times so please re-read it to get the latest version.

              PS you can download a 30 day trial of Actinic V7 from http://support.actinic.com/versions/
              Norman - www.drillpine.biz
              Edinburgh, U K / Bitez, Turkey

              Comment


                #8
                Hi Norman,

                Thanks for the advice, I'll get it implemented using javascript as you've described. I'm guessing that there's no way to tell actinic not to html escape the stuff that comes out of its database...

                I had seen the trial versions previously but I'm on a mac so they're no good to me unfortunately.

                Cheers,

                Chris

                Comment


                  #9
                  I'm guessing that there's no way to tell actinic not to html escape the stuff that comes out of its database
                  This would be a bad idea as products containing e.g. "<" in their names would then be inadvertently generating HTML tags instead of telling us what they were.
                  Norman - www.drillpine.biz
                  Edinburgh, U K / Bitez, Turkey

                  Comment


                    #10
                    I appreciate that but it'd be nice to be able to decide whether it should be escaped or not. I'm thinking that by default it'd be escaped but you could turn it off when you wanted to use those values within javascript. I think I'm correct in thinking that nothing needs to be escaped within javascript tags. It just feels a bit wrong to have to unescape the values manually using javascript.

                    Anyhoo. Not to worry and thanks for your help.

                    Chris

                    Comment

                    Working...
                    X