3 Replies Latest reply on Mar 27, 2011 1:18 PM by lobotomy

    rich:editor s:formattedText

    lobotomy
    lobotomy Mar 26, 2011 7:19 PM

      I am trying to display rich:editor text using  s:formattedtext and it destroys totally my webpage and it looks like a vulnerability But I have to do it in a special way. If in my editor I select format as preformated and then write some text(ie. "qwert"), then I use  center alignment option and then finally change text format to heading larger than 5 (4,3,2,1).I refresh my s:formattedText and  it does not crush  the website but for example reads in the stuff that I have commented out or reads in some modal panels as a part of the page (those panels are also commented out).

      Anything I do wrong?

      • 1523 Views
      • Tags:
        • 1. rich:editor s:formattedText
          lobotomy
          lobotomy Mar 26, 2011 7:22 PM (in response to lobotomy)

          It is probably seam's problem because I get Seam Text parse error: expecting an opening angle bracket '<', found '+' but is thre any way around this?

            • Actions
          • 2. rich:editor s:formattedText
            boy18nj
            boy18nj Mar 27, 2011 10:34 AM (in response to lobotomy)

            sorry i did not catched your problem properly...could you be little elaborative...

            mariusz bogucki wrote:

             

            and  it does not crush  the website but for example reads in the stuff that I have commented out or reads in some modal panels as a part of the page (those panels are also commented out).

            Anything I do wrong?

             

              • Actions
            • 3. Re: rich:editor s:formattedText
              lobotomy
              lobotomy Mar 27, 2011 1:18 PM (in response to boy18nj) 
                                     <rich:editor  id="newTextBody"
                                          width="500"
                                          height="300"
                                          value="#{newText.textObject.newTextBody}"
                                          useSeamText="true"
                                          configuration="wyswig"
                                          required="true"
                                          >

                       </rich:editor>


                       <rich:panel id="sample" header="sample"
                                        style="width:75%;height:338px;overflow:auto!important;">
                            <a4j:commandLink action="#{newText.retry}"
                                        value="Rerender Sample"
                                        reRender="sample"
                                        bypassUpdates="false"
                                        ajaxSingle="false"
                                     />

                            <s:formattedText
                                  value="#{newText.textObject.newTextBody}"
                              />

                      </rich:panel>


              <ui:include src="/WEB-INF/facelets/InfoPanels.xhtml"/>

              infoPanels.xhtml contains group of modal panels. If I have a situation mentioned above not only the value from text editor is not displayed but in place of it I get the stuff that is inside the one of the modal panels. And only if the seam text in newTextBody String contains '+' but that is also only in the situtation when I use center alignemnt of rich:editor before. Otherwise the + for the heading does not cause problems. I thought that s:formattedText woud just not display text or filter undesired elements , but instead  I get this.

              Other problem that I have noticed is that in google chrome whenever I try to insert the table the page just hangs up(?) with the table properties popup and its buttons not responding.I use richfaces 3.3.1, but I see that in richfaces4.0 editor is not even supported anymore so probably there were more issues with it.

                • Actions