Why <br> tag was not parsed inside custom HTMLColumn in GWT?

279 views
Skip to first unread message

Tom

unread,
Jun 6, 2014, 7:01:50 AM6/6/14
to google-we...@googlegroups.com

Ok, I have a HTML column which should parse any textcell that contain html tag into HTML value:

public class HTMLColumn extends Column<List<String>, String>{
    public HTMLColumn(){
          super(new ClickableTextCell(){
            public void render(Context context, 
                   SafeHtml value, 
                   SafeHtmlBuilder sb)
            {
                //String text="";
                if(value!=null){
                    //text=value.asString();
                    sb.appendHtmlConstant("<div>");
                    sb.appendHtmlConstant("<b>"+value.asString()+"</b>");
                    sb.appendHtmlConstant("</div>");
                }

            }   
       });
    }
}

ok, when testing with the text contain car<br>bike, i can see the whole text got bold so sb.appendHtmlConstant seem to be ok, but it did not make the bike to be in new line. It rendered the text like this: bold car<br>bike.

That mean <br> was not parsed.

Is this the css problem or something happened?

http://stackoverflow.com/questions/24080177/why-br-tag-was-not-parsed-inside-custom-htmlcolumn-in-gwt

Lothar Kimmeringer

unread,
Jun 6, 2014, 7:08:14 AM6/6/14
to google-we...@googlegroups.com
Am 06.06.2014 13:01, schrieb Tom:
> ok, when testing with the text contain |car<br>bike|, i can see the
> whole text got bold so |sb.appendHtmlConstant| seem to be ok, but
> it did not make the |bike| to be in new line. It rendered the text
> like this: bold |car<br>bike|.
>
> That mean |<br>| was not parsed.
>
> Is this the css problem or something happened?

I don't know the inner workings of that class but maybe you
try it with <br/> instead.


Cheers, Lothar

Jens

unread,
Jun 6, 2014, 7:15:14 AM6/6/14
to google-we...@googlegroups.com
SafeHtml.asString() escapes HTML entities to secure you from XSS attacks, thats the point of using it. In your example, if your <br> should not be escaped you must create a SafeHtml instance using

SafeHtmlBuilder b = ..
b.appendEscaped("car");
b.appendHtmlConstant("<br>");
b.appendEscaped("bike");

OR

SafeHtmlUtils.fromTrustedString("car<br>bike") if you can make sure that no one can potentially insert evil things into the string as this method doesn't escape anything.

-- J.

Tom

unread,
Jun 6, 2014, 7:58:56 AM6/6/14
to google-we...@googlegroups.com
Thax you Jens, it's fase data only vip can input html
Reply all
Reply to author
Forward
0 new messages