special characters in XSLT
778 views
Skip to first unread message
Apollo
Sep 4, 2008, 10:17:31 PM9/4/08
to Google Search Appliance/Google Mini - Google Search Appliance/Google Mini
Hi all,
I have problem dealing with special characters like '%', '&' or space
in XSLT.
I've defined a parameter contact_url as http://www.abc.com/Service&operation
for example.
I tried to query GSA with the parameter as below:
<GSA url>search?q=test&site=default&contact_url=http%3A%2F
%2Fwww.abc.com%2FService%26operation
All the special characters have already been encoded, however, some
characters cannot be resolved at the search result page. The
contact_url displayed like:
http://www.abc.com/Service_operation
The same problem happened to other characters like '%' and space, they
will be replaced by '_'.
Is there any solution to it? Thanks for your attention.
I have problem dealing with special characters like '%', '&' or space
in XSLT.
I've defined a parameter contact_url as http://www.abc.com/Service&operation
for example.
I tried to query GSA with the parameter as below:
<GSA url>search?q=test&site=default&contact_url=http%3A%2F
%2Fwww.abc.com%2FService%26operation
All the special characters have already been encoded, however, some
characters cannot be resolved at the search result page. The
contact_url displayed like:
http://www.abc.com/Service_operation
The same problem happened to other characters like '%' and space, they
will be replaced by '_'.
Is there any solution to it? Thanks for your attention.
bria...@gmail.com
Sep 5, 2008, 1:51:14 AM9/5/08
to Google Search Appliance/Google Mini - Google Search Appliance/Google Mini
Hi Apollo,
Have you tried to escape them in your xslt? I think & would work
for &. Or try %26 if it doesn't work.
Brian
On Sep 5, 11:17 am, Apollo <yuxh1...@gmail.com> wrote:
> Hi all,
>
> I have problem dealing with special characters like '%', '&' or space
> in XSLT.
> I've defined a parameter contact_url ashttp://www.abc.com/Service&operation
Have you tried to escape them in your xslt? I think & would work
for &. Or try %26 if it doesn't work.
Brian
On Sep 5, 11:17 am, Apollo <yuxh1...@gmail.com> wrote:
> Hi all,
>
> I have problem dealing with special characters like '%', '&' or space
> in XSLT.
Apollo
Sep 5, 2008, 2:30:28 AM9/5/08
to Google Search Appliance/Google Mini - Google Search Appliance/Google Mini
Thanks Brian, but both of them do not work. In my example, I have
already used %26.
I tried %2526 (%25 to encode %) as well, but the result is
http://www.abc.com/Service_26operation
%25 cannot be resolved also.
already used %26.
I tried %2526 (%25 to encode %) as well, but the result is
http://www.abc.com/Service_26operation
%25 cannot be resolved also.
bria...@gmail.com
Sep 5, 2008, 9:17:12 PM9/5/08
to Google Search Appliance/Google Mini - Google Search Appliance/Google Mini
Hi Apollo,
Have you tried using this:
disable-output-escaping="yes"
There are a couple examples of this in the default stylesheet.
If that still doesn't work, can you post your code snippet here and we
can give it a try.
Brian
On Sep 5, 3:30 pm, Apollo <yuxh1...@gmail.com> wrote:
> Thanks Brian, but both of them do not work. In my example, I have
> already used %26.
> I tried %2526 (%25 to encode %) as well, but the result ishttp://www.abc.com/Service_26operation
Have you tried using this:
disable-output-escaping="yes"
There are a couple examples of this in the default stylesheet.
If that still doesn't work, can you post your code snippet here and we
can give it a try.
Brian
On Sep 5, 3:30 pm, Apollo <yuxh1...@gmail.com> wrote:
> Thanks Brian, but both of them do not work. In my example, I have
> already used %26.
Apollo
Sep 7, 2008, 11:48:21 PM9/7/08
to Google Search Appliance/Google Mini - Google Search Appliance/Google Mini
Thanks Brian, I did find a number of samples in default xslt using
disable-output-escaping="yes". I tried to add it to my piece of code
below but got the error message as: ***ERRORS*** Line -1: disable-
output-escaping is not allowed for a non-text node.
I did a bit research and found that 'disable-output-escaping' should
be able to be applied to both xsl:value-of or xsl:text element. I'm
quite new to xslt, is there any special setting to add here? Thanks a
lot.
<a style="background-color:transparent;" class="aLink">
<xsl:choose>
<xsl:when test="PARAM[(@name='contact_url') and
(@value!='')]">
<xsl:attribute name="href">
<xsl:value-of disable-output-escaping='yes'
select="PARAM[@name='contact_url']/@value"/>
</xsl:attribute>
</xsl:when>
<xsl:otherwise>
<xsl:attribute name="href">
<xsl:value-of select="$global_contact_url"/>
</xsl:attribute>
</xsl:otherwise>
</xsl:choose>
<xsl:value-of select="'Contact Info'"/>
</a>
disable-output-escaping="yes". I tried to add it to my piece of code
below but got the error message as: ***ERRORS*** Line -1: disable-
output-escaping is not allowed for a non-text node.
I did a bit research and found that 'disable-output-escaping' should
be able to be applied to both xsl:value-of or xsl:text element. I'm
quite new to xslt, is there any special setting to add here? Thanks a
lot.
<a style="background-color:transparent;" class="aLink">
<xsl:choose>
<xsl:when test="PARAM[(@name='contact_url') and
(@value!='')]">
<xsl:attribute name="href">
<xsl:value-of disable-output-escaping='yes'
select="PARAM[@name='contact_url']/@value"/>
</xsl:attribute>
</xsl:when>
<xsl:otherwise>
<xsl:attribute name="href">
<xsl:value-of select="$global_contact_url"/>
</xsl:attribute>
</xsl:otherwise>
</xsl:choose>
<xsl:value-of select="'Contact Info'"/>
</a>
Apollo
Sep 11, 2008, 5:17:15 AM9/11/08
to Google Search Appliance/Google Mini - Google Search Appliance/Google Mini
Hi Brian,
Any idea on the previous post? Thanks.
Any idea on the previous post? Thanks.
Pablo Solera
Sep 11, 2008, 12:08:06 PM9/11/08
to Google Search Appliance/Google Mini - Google Search Appliance/Google Mini
Hi Apollo,
We discovered that behaviour some time ago.
Just to clarify the problem for everyone:
It seems that the GSA encodes internally custom params (for security
reasons, XSS).
The problem comes from the XML response, is not on the XSLT.
There´s no simple way of decoding them back based on the
"original_value" atribute from the XML.
If we search:
<<GSA>>/search?
site=default_collection&client=default_frontend&output=xml_no_dtd&customParam=http
%3A%2F%2Fwww.abc.com%2FService%26operation
The values shown on the XML for the customParam are:
value="http://www.abc.com/Service_operation"
original_value="http%3A%2F%2Fwww.abc.com%2FService%26operation"
The best to solve this is to decode params from the "original_value"
attribute.
If you want to try it, theres a nice stylesheet you could use:
http://skew.org/xml/stylesheets/url-encode/
(Easier) Method 2: Pass those restricted values using custom encoding.
For example:
You could use:
<<GSA>>/search?
site=default_collection&client=default_frontend&output=xml_no_dtd&customParam=http
%3A%2F%2Fwww.abc.com%2FService(((26operation
And then in the XSLT, replace each (((26 with an ampersand.
There are only a few params that get encoded. (&, <, >...)
A dirty workaround (I dont recommend this) is use some of the already
defined params that you don´t need.
Some params do not encode the values you pass.Try getfields or entsp.
<<GSA>>/search?
site=default_collection&client=default_frontend&output=xml_no_dtd&entsp=http
%3A%2F%2Fwww.abc.com%2FService%26operation
But these params are actually used by the GSA on some cases, so I won
´t use them on a real case scenario.
Please let me know if this information was helpful.
Best regards,
Pablo Solera
www.ti.eptisa.com
We discovered that behaviour some time ago.
Just to clarify the problem for everyone:
It seems that the GSA encodes internally custom params (for security
reasons, XSS).
The problem comes from the XML response, is not on the XSLT.
There´s no simple way of decoding them back based on the
"original_value" atribute from the XML.
If we search:
<<GSA>>/search?
site=default_collection&client=default_frontend&output=xml_no_dtd&customParam=http
%3A%2F%2Fwww.abc.com%2FService%26operation
The values shown on the XML for the customParam are:
value="http://www.abc.com/Service_operation"
original_value="http%3A%2F%2Fwww.abc.com%2FService%26operation"
The best to solve this is to decode params from the "original_value"
attribute.
If you want to try it, theres a nice stylesheet you could use:
http://skew.org/xml/stylesheets/url-encode/
(Easier) Method 2: Pass those restricted values using custom encoding.
For example:
You could use:
<<GSA>>/search?
site=default_collection&client=default_frontend&output=xml_no_dtd&customParam=http
%3A%2F%2Fwww.abc.com%2FService(((26operation
And then in the XSLT, replace each (((26 with an ampersand.
There are only a few params that get encoded. (&, <, >...)
A dirty workaround (I dont recommend this) is use some of the already
defined params that you don´t need.
Some params do not encode the values you pass.Try getfields or entsp.
<<GSA>>/search?
site=default_collection&client=default_frontend&output=xml_no_dtd&entsp=http
%3A%2F%2Fwww.abc.com%2FService%26operation
But these params are actually used by the GSA on some cases, so I won
´t use them on a real case scenario.
Please let me know if this information was helpful.
Best regards,
Pablo Solera
www.ti.eptisa.com
Naras
Sep 18, 2008, 4:20:19 AM9/18/08
to Google Search Appliance/Google Mini - Google Search Appliance/Google Mini
Hi Pablo Solera
We solved the issue by following Method 1( i.e by decoding the
original_value).
Thanks
On Sep 11, 12:08 pm, Pablo Solera <pablo.sole...@gmail.com> wrote:
> Hi Apollo,
>
> We discovered that behaviour some time ago.
>
> Just to clarify the problem for everyone:
> It seems that the GSA encodes internally custom params (for security
> reasons, XSS).
> The problem comes from the XML response, is not on the XSLT.
> There´s no simple way of decoding them back based on the
> "original_value" atribute from the XML.
>
> If we search:
> <<GSA>>/search?
> site=default_collection&client=default_frontend&output=xml_no_dtd&customParam=http
We solved the issue by following Method 1( i.e by decoding the
original_value).
Thanks
On Sep 11, 12:08 pm, Pablo Solera <pablo.sole...@gmail.com> wrote:
> Hi Apollo,
>
> We discovered that behaviour some time ago.
>
> Just to clarify the problem for everyone:
> It seems that the GSA encodes internally custom params (for security
> reasons, XSS).
> The problem comes from the XML response, is not on the XSLT.
> There´s no simple way of decoding them back based on the
> "original_value" atribute from the XML.
>
> If we search:
> <<GSA>>/search?
> %3A%2F%2Fwww.abc.com%2FService%26operation
> The values shown on the XML for the customParam are:
> value="http://www.abc.com/Service_operation"
> original_value="http%3A%2F%2Fwww.abc.com%2FService%26operation"
>
> The best to solve this is to decode params from the "original_value"
> attribute.
> If you want to try it, theres a nice stylesheet you could use:http://skew.org/xml/stylesheets/url-encode/
>
> (Easier) Method 2: Pass those restricted values using custom encoding.
> For example:
> You could use:
> <<GSA>>/search?
> site=default_collection&client=default_frontend&output=xml_no_dtd&customParam=http
> The values shown on the XML for the customParam are:
> value="http://www.abc.com/Service_operation"
> original_value="http%3A%2F%2Fwww.abc.com%2FService%26operation"
>
> The best to solve this is to decode params from the "original_value"
> attribute.
> If you want to try it, theres a nice stylesheet you could use:http://skew.org/xml/stylesheets/url-encode/
>
> (Easier) Method 2: Pass those restricted values using custom encoding.
> For example:
> You could use:
> <<GSA>>/search?
> %3A%2F%2Fwww.abc.com%2FService(((26operation
> And then in the XSLT, replace each (((26 with an ampersand.
> There are only a few params that get encoded. (&, <, >...)
>
> A dirty workaround (I dont recommend this) is use some of the already
> defined params that you don´t need.
> Some params do not encode the values you pass.Try getfields or entsp.
> <<GSA>>/search?
> site=default_collection&client=default_frontend&output=xml_no_dtd&entsp=http
> And then in the XSLT, replace each (((26 with an ampersand.
> There are only a few params that get encoded. (&, <, >...)
>
> A dirty workaround (I dont recommend this) is use some of the already
> defined params that you don´t need.
> Some params do not encode the values you pass.Try getfields or entsp.
> <<GSA>>/search?
Reply all
Reply to author
Forward
0 new messages