Welcome Guest Search | Active Topics | Sign In | Register

Essential Objects Product Support Forum » All Products » Support » EO 2012 Grid control - html content is escaped

EO 2012 Grid control - html content is escaped Options
Previous Topic · Next Topic
uwe
Posted: Thursday, May 2, 2013 6:38:15 AM
Rank: Member
Groups: Member

Joined: 12/16/2007
Posts: 20
After updating from EO Web Controls 2009 to 2012

EO Grid, cell content with html markup is no more rendering but shown escaped as HTML Source.
How can I switch to the old/original behavior ?

Thanks.
Back to top
 
eo_support
Posted: Thursday, May 2, 2013 12:30:05 PM
Rank: Administration
Groups: Administration

Joined: 5/27/2007
Posts: 24,195
Hi,

We are not aware of such problems. Please try to isolate the problem into a test page and post the test page. Once we have that we will be very happy to take a look.

Thanks!
Back to top
 
uwe
Posted: Thursday, May 2, 2013 12:42:37 PM
Rank: Member
Groups: Member

Joined: 12/16/2007
Posts: 20
In EO 2009 a eo:TextBoxColumn bound to a data table field rendered HTML markup
after updating to EO 2012 things changed - now it shows the markup source.

We found this Workaround
Using an eo:CustomColumn instead of TextBoxColumn in eo 2012 renders as expected.

e.g. eo 2009 source
<eo:TextBoxColumn DataField="zLinkl" HeaderText="Process" Name="LinkProcessl" Width="40" >
</eo:TextBoxColumn>
has in eo 2012 to be replaced with
<eo:CustomColumn DataField="zLink" HeaderText="Process" Name="LinkProcess" Width="50">
</eo:CustomColumn>

To render data like
<a href=".....">link </a>
as a link and not as its markup
Back to top
 
eo_support
Posted: Friday, May 3, 2013 3:39:29 PM
Rank: Administration
Groups: Administration

Joined: 5/27/2007
Posts: 24,195
Hi,

We have confirmed the change. There are two purposes for the change:

1. To allow user to see exactly the same value as they edit;
2. To prevent problems if user enter invalid HTML. For example, if user enters unclosed tags such as "<div>something", then it can create problems for the Grid if we just take it as is;

Generally allowing user to edit HTML directly is not a good idea. So using CustomColumn in this case is a good solution. With CustomColumn you can only let user to enter the href target Url, but then format the proper HTML in your ClientSideGetText handler. This way user won't enter raw HTML directly, but you will still be able to display the link in your Grid cell.

Thanks!
Back to top
 
uwe
Posted: Saturday, May 4, 2013 2:00:17 PM
Rank: Member
Groups: Member

Joined: 12/16/2007
Posts: 20
Hi,
thanks for your confirmation and workaround suggestions.

We do not let the user edit HTML in the grid - it is just to how/render some auto generated HTML.
Since beginning we used TextBoxColumn for this purpose.
Maybe you want to think about a flag like 'renderHTML' to let us control the grids behavior with HTML !?
Generally I agree with not rendering HTML by default - also to adress script injection issues.
Back to top
 
eo_support
Posted: Sunday, May 5, 2013 12:04:17 PM
Rank: Administration
Groups: Administration

Joined: 5/27/2007
Posts: 24,195
Hi,

If you just want to render text, you can use StaticColumn instead of TextBoxColumn. A StaticColumn does not escape HTML.

Thanks!
Back to top
 


You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.