5 Replies Latest reply on Sep 20, 2006 2:22 PM by cja987

JSF 1.2 RI escaping problems with inputText

cja987 Sep 18, 2006 4:24 PM

I had to switch to the 1.2RI because Myfaces apparently lacks an enum converter, my app uses lots of enums, and rather than having to roll my own converters, I followed the directions to switch to the RI. Everything seemed to work all right except for a mysterious problem: inputText fields aren't escaping < (left angle bracket) characters to <. It does fine with > characters, just not the left bracket. This is of course causing the browser to choke on the badly-formed output. outputText fields are, incidentally, unaffected by this. Just inputText and just left angle brackets.

I am in sheer dread of having to delve into the bowels of JSF to figure this out. I can't imagine how this would happen in vanilla JSF, so I wonder if it's some interaction with Seam, perhaps unescaping things it shouldn't? Any pointers? Perhaps I could switch to Myfaces 1.2 ... are there any issues in getting that to work or is it just a matter of replacing the old myfaces jars in the tomcat SAR?

1. Re: JSF 1.2 RI escaping problems with inputText

cja987 Sep 18, 2006 4:30 PM (in response to cja987)

A big middle finger to phpBB which interprets "disable HTML" as "well I really wanted you to interpret entities anyway". When using the 1.2 RI, inputText fields are not escaping the left angle bracket character to ampersand-ell-tee-semicolon. What befuddles me to no end is that it does fine for right angle brackets

The value that isn't getting escaped is coming from an entity bean. I'll see if I can reproduce the problem with a hello world app or vanilla JSF. If I remain stumped, I suppose I'll switch to Myfaces 1.2. Or maybe catalyst (only half kidding)
Actions

2. Re: JSF 1.2 RI escaping problems with inputText

cja987 Sep 18, 2006 4:43 PM (in response to cja987)

Ick, something is getting unescaped somehow. If I have this in a page:

 <h:inputText value="This is a static inputText with a <strong>HTML</strong> tag"/> <br />

I get this browser error in response:

XML Parsing Error: not well-formed
Location: http://localhost:8080/fiat/home.seam
Line Number 18, Column 81:
<input type="text" name="j_id9:j_id10" value="This is a static inputText with a <strong&gt;HTML</strong&gt; tag" /> <br />
--------------------------------------------------------------------------------^

What am I doing wrong here?

3. Re: JSF 1.2 RI escaping problems with inputText

cja987 Sep 18, 2006 4:45 PM (in response to cja987)

phpBB strikes again. I properly escaped my tags in the value field in the page text. Preview just undoes it, something I fixed for the second part but not the first.
Actions
4. Re: JSF 1.2 RI escaping problems with inputText

cja987 Sep 18, 2006 5:24 PM (in response to cja987)

It seems this problem happens even in regular input fields, not just h:inputText, and it persists even when I switch the viewhandler to com.sun.facelets.FaceletViewHandler, which suggests to me a facelets bug (I'm using the latest I could find, 1.1.9) or maybe a misconfiguration on my part (I'm apparently forgetting the undocumented <randomly-suck>false</randomly-suck> config item).

Anyone who has actually gotten the RI to work on a less than trivial application care to tell me what versions and config they're using?
Actions
5. Re: JSF 1.2 RI escaping problems with inputText

cja987 Sep 20, 2006 2:22 PM (in response to cja987)

Having tested this with several configurations on both jboss and glassfish, I'm reasonably sure this is either a 1.2RI bug or a facelets bug. Since it doesn't appear in JSP pages, and given the problems facelets has had with HTML entities before, I'm inclined to blame facelets.

I guess I'll be sticking with JSP, as I'm growing increasingly disillusioned with facelets. Either way, not a Seam issue, but something that might bite some users nonetheless.
Actions

Go to original post