This is an automated email from the ASF dual-hosted git repository.
git-site-role pushed a commit to branch asf-site
in repository https://gitbox.apache.org/repos/asf/struts-site.git
The following commit(s) were added to refs/heads/asf-site by this push:
new 5c963d2 Automatic Site Publish by Buildbot
5c963d2 is described below
commit 5c963d2a0881baa162d3d94ced1119c1476b8df1
Author: buildbot <[email protected]>
AuthorDate: Sun Jan 23 12:01:36 2022 +0000
Automatic Site Publish by Buildbot
---
output/tag-developers/tag-syntax.html | 80 ++++++++++++++++++++++-------------
1 file changed, 50 insertions(+), 30 deletions(-)
diff --git a/output/tag-developers/tag-syntax.html
b/output/tag-developers/tag-syntax.html
index b202998..ea58e4b 100644
--- a/output/tag-developers/tag-syntax.html
+++ b/output/tag-developers/tag-syntax.html
@@ -149,6 +149,7 @@
<li><a href="#passing-a-literal-value-the-right-way"
id="markdown-toc-passing-a-literal-value-the-right-way">Passing a literal value
the right way</a></li>
<li><a href="#expression-language-notations"
id="markdown-toc-expression-language-notations">Expression Language
Notations</a></li>
<li><a href="#disallowed-property-names"
id="markdown-toc-disallowed-property-names">Disallowed property names</a></li>
+ <li><a href="#escaping-body-of-a-tag"
id="markdown-toc-escaping-body-of-a-tag">Escaping body of a tag</a></li>
</ul>
<p>The tags are designed to display dynamic data. To create a input field that
displays the property “postalCode”,
@@ -156,8 +157,8 @@ we’d pass the String “postalCode” to the textfield tag.</p>
<h2 id="creating-a-dynamic-input-field">Creating a dynamic input field</h2>
-<pre><code class="language-jsp"><s:textfield name="postalCode"/>
-</code></pre>
+<div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:textfield</span> <span
class="na">name=</span><span class="s">"postalCode"</span><span
class="nt">/></span>
+</code></pre></div></div>
<p>If there is a “postalCode” property on the value stack, its value will be
set to the input field. When the field is
submitted back to the framework, the value of the control will be set back to
the “postalCode” property.</p>
@@ -169,8 +170,8 @@ The expression escape sequence is <code
class="highlighter-rouge">%{ ... }</code
<h3 id="using-an-expression-to-set-the-label">Using an expression to set the
label</h3>
-<pre><code class="language-jsp"><s:textfield key="postalCode.label"
name="postalCode"/>
-</code></pre>
+<div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:textfield</span> <span
class="na">key=</span><span class="s">"postalCode.label"</span> <span
class="na">name=</span><span class="s">"postalCode"</span><span
class="nt">/></span>
+</code></pre></div></div>
<p>The expression language (<a href="ognl">OGNL</a>) lets us call methods and
evaluate properties. The method <code class="highlighter-rouge">getText</code>
is provided
by <code class="highlighter-rouge">ActionSupport</code>, which is the base
class for most Actions. Since the Action is on the stack, we can call any of
its
@@ -184,8 +185,8 @@ In this case, you do not need to use the escape notation.
(But, if you do anyway
<h3 id="evaluating-booleans">Evaluating booleans</h3>
-<pre><code class="language-jsp"><s:select key="state.label" name="state"
multiple="true"/>
-</code></pre>
+<div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:select</span> <span
class="na">key=</span><span class="s">"state.label"</span> <span
class="na">name=</span><span class="s">"state"</span> <span
class="na">multiple=</span><span class="s">"true"</span><span
class="nt">/></span>
+</code></pre></div></div>
<p>Since the attribute <code class="highlighter-rouge">multiple</code> maps to
a boolean property, the framework does not interpret the value as a String.
The value is evaluated as an expression and automtically converted to a
boolean.</p>
@@ -194,18 +195,18 @@ The value is evaluated as an expression and automtically
converted to a boolean.
<h3 id="evaluating-booleans-verbose">Evaluating booleans (verbose)</h3>
-<pre><code class="language-jsp"><s:select key="state.label" name="state"
multiple="%{true}"/>
-</code></pre>
+<div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:select</span> <span
class="na">key=</span><span class="s">"state.label"</span> <span
class="na">name=</span><span class="s">"state"</span> <span
class="na">multiple=</span><span class="s">"%{true}"</span><span
class="nt">/></span>
+</code></pre></div></div>
<h3 id="evaluating-booleans-with-property">Evaluating booleans (with
property)</h3>
-<pre><code class="language-jsp"><s:select key="state.label" name="state"
multiple="allowMultiple"/>
-</code></pre>
+<div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:select</span> <span
class="na">key=</span><span class="s">"state.label"</span> <span
class="na">name=</span><span class="s">"state"</span> <span
class="na">multiple=</span><span class="s">"allowMultiple"</span><span
class="nt">/></span>
+</code></pre></div></div>
<h3 id="evaluating-booleans-verbose-with-property">Evaluating booleans
(verbose with property)</h3>
-<pre><code class="language-jsp"><s:select key="state.label" name="state"
multiple="%{allowMultiple}"/>
-</code></pre>
+<div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:select</span> <span
class="na">key=</span><span class="s">"state.label"</span> <span
class="na">name=</span><span class="s">"state"</span> <span
class="na">multiple=</span><span class="s">"%{allowMultiple}"</span><span
class="nt">/></span>
+</code></pre></div></div>
<h2 id="value-is-an-object">value is an Object!</h2>
@@ -219,8 +220,8 @@ property to call to set the <code
class="highlighter-rouge">value</code>. But, i
<h2 id="probably-wrong">Probably wrong!</h2>
-<pre><code class="language-jsp"><s:textfield key="state.label" name="state"
value="ca"/>
-</code></pre>
+<div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:textfield</span> <span
class="na">key=</span><span class="s">"state.label"</span> <span
class="na">name=</span><span class="s">"state"</span> <span
class="na">value=</span><span class="s">"ca"</span><span class="nt">/></span>
+</code></pre></div></div>
<p>If a <code class="highlighter-rouge">textfield</code> is passed the value
attribute <code class="highlighter-rouge">ca</code>, the framework will look
for a property named <code class="highlighter-rouge">getCa</code>. Generally,
this is not what we mean. What we mean to do is pass a literal String. In the
expression language, literals are placed
@@ -228,8 +229,8 @@ within quotes</p>
<h2 id="passing-a-literal-value-the-right-way">Passing a literal value the
right way</h2>
-<pre><code class="language-jsp"><s:textfield key="state.label" name="state"
value="%{'ca'}" />
-</code></pre>
+<div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:textfield</span> <span
class="na">key=</span><span class="s">"state.label"</span> <span
class="na">name=</span><span class="s">"state"</span> <span
class="na">value=</span><span class="s">"%{'ca'}"</span> <span
class="nt">/></span>
+</code></pre></div></div>
<p>Another approach would be to use the idiom <code
class="highlighter-rouge">value="'ca'"</code>, but, in this case, using the
expression notation is recommended.</p>
@@ -248,24 +249,24 @@ within quotes</p>
<ul>
<li>A JavaBean object in a standard context in Freemarker, Velocity, or JSTL
EL (Not OGNL).
- <pre><code class="language-jsp">Username: ${user.username}
-</code></pre>
+ <div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code>Username: ${user.username}
+</code></pre></div> </div>
</li>
<li>A username property on the Value Stack.
- <pre><code class="language-jsp"><s:textfield name="username"/>
-</code></pre>
+ <div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:textfield</span> <span
class="na">name=</span><span class="s">"username"</span><span
class="nt">/></span>
+</code></pre></div> </div>
</li>
<li>Another way to refer to a property placed on the Value Stack.
- <pre><code class="language-jsp"><s:url var="es" action="Hello">
- <s:param name="request_locale">es</s:param>
-</s:url>
-<s:a href="%{es}">Espanol</s:a>
-</code></pre>
+ <div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:url</span> <span
class="na">var=</span><span class="s">"es"</span> <span
class="na">action=</span><span class="s">"Hello"</span><span
class="nt">></span>
+ <span class="nt"><s:param</span> <span class="na">name=</span><span
class="s">"request_locale"</span><span class="nt">></span>es<span
class="nt"></s:param></span>
+<span class="nt"></s:url></span>
+<span class="nt"><s:a</span> <span class="na">href=</span><span
class="s">"%{es}"</span><span class="nt">></span>Espanol<span
class="nt"></s:a></span>
+</code></pre></div> </div>
</li>
<li>A static Map, as in <code
class="highlighter-rouge">put("username","trillian")</code>.
- <pre><code class="language-jsp"><s:property
value="#session.user.username" />
-<s:select label="FooBar" name="foo" list="#{'username':'trillian',
'username':'zaphod'}" />
-</code></pre>
+ <div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:property</span> <span
class="na">value=</span><span class="s">"#session.user.username"</span> <span
class="nt">/></span>
+<span class="nt"><s:select</span> <span class="na">label=</span><span
class="s">"FooBar"</span> <span class="na">name=</span><span
class="s">"foo"</span> <span class="na">list=</span><span
class="s">"#{'username':'trillian', 'username':'zaphod'}"</span> <span
class="nt">/></span>
+</code></pre></div> </div>
</li>
</ul>
@@ -285,8 +286,8 @@ within quotes</p>
<p>The below code will not work:</p>
-<pre><code class="language-jsp"><s:iterator value="parameters"/>
-</code></pre>
+<div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:iterator</span> <span
class="na">value=</span><span class="s">"parameters"</span><span
class="nt">/></span>
+</code></pre></div></div>
<div class="language-java highlighter-rouge"><div class="highlight"><pre
class="highlight"><code>
<span class="kd">public</span> <span class="kd">class</span> <span
class="nc">MyAction</span> <span class="o">{</span>
@@ -301,6 +302,25 @@ within quotes</p>
</code></pre></div></div>
+<h2 id="escaping-body-of-a-tag">Escaping body of a tag</h2>
+
+<p>Since Struts 2.6 and migration to the latest Freemarker version (which
enables auto-escaping by default) you should
+stop using <code class="highlighter-rouge">?html</code> in your custom tags
and freemarker based pages. You can also automatically escape body of the
following
+tags by setting <code class="highlighter-rouge">escapeHtmlBody</code>
attribute to true:</p>
+<ul>
+ <li><code class="highlighter-rouge"><s:a/></code></li>
+ <li><code class="highlighter-rouge"><s:submit/></code></li>
+ <li><code class="highlighter-rouge"><s:component/></code></li>
+</ul>
+
+<p>There is a new global flag <code
class="highlighter-rouge">struts.ui.escapeHtmlBody</code> which controls this
behaviour for all the above tags.
+Yet the attribute <code class="highlighter-rouge">escapeHtmlBody</code> always
takes precedence over the flag.</p>
+
+<div class="language-html highlighter-rouge"><div class="highlight"><pre
class="highlight"><code><span class="nt"><s:a</span> <span
class="na">href=</span><span class="s">"%{...}"</span> <span
class="na">escapeHtmlBody=</span><span class="s">"true"</span><span
class="nt">></span>
+ <span class="nt"><img</span> <span class="na">src=</span><span
class="s">"/images/icon_waste_sml.png"</span><span class="nt">/></span>
+<span class="nt"></s:a></span>
+</code></pre></div></div>
+
</section>
</article>
