Robert Mark Bram wrote:
I have an application that is writing Javascript with JSP server side
code that uses escapeXML:
var someVar = "<c:out escapeXml="true" value="You'll never escape!"/>";
*g*
How to I unescape this?
Maybe
someVar = someVar.replace(/</g, "<").replace(/>/g, ">"
.replace(/&/g, "&");
Using the unescape() function doesn't cut it..
unescape("You'll never escape!");
It is not supposed to. unescape() decodes (ASCII) percent-encoded strings.
It was primarily used to decode URI components, and is now deprecated in
favor of decodeURI() and decodeURIComponent(), which in addition can decode
UTF-8 percent encoding.
Do I have to use regex to replace or is there some other way?
A regular expression like above would not help in your case because the
escaping of `"' needs to take place *before* you insert the value with JSP,
i.e. "on the server".
You do not need `escapeXml="true"' if you declare the content of the XHTML
`script' element CDATA, provided the string never contains `"', like
in your example:
<script type="text/javascript">
// <![CDATA[
...
]]>
</script>
But if the `<' and `>' are your only problems, you could as well move the
code to an external script file or simply use HTML instead.
PointedEars
--
var bugRiddenCrashPronePieceOfJunk = (
navigator.userAgent.indexOf('MSIE 5') != -1
&& navigator.userAgent.indexOf('Mac') != -1
) // Plone, register_function.js:16