In my program, I get input from the user and insert it into an XHTML
document. Sometimes, this input will contain XHTML, but since I'm
inserting it as a text node, xml.dom.minidom escapes the angle brackets
('<' becomes '<', '>' becomes '>'). I want to be able to
override this behavior cleanly. I know I could pipe the input through
a SAX parser and create nodes to insert into the tree, but that seems
kind of messy. Is there a better way?
Thanks. 5 2172
On Thu, 2 Nov 2005 no****@gmail.com wrote: In my program, I get input from the user and insert it into an XHTML document. Sometimes, this input will contain XHTML, but since I'm inserting it as a text node, xml.dom.minidom escapes the angle brackets ('<' becomes '<', '>' becomes '>'). I want to be able to override this behavior cleanly. I know I could pipe the input through a SAX parser and create nodes to insert into the tree, but that seems kind of messy. Is there a better way?
What about parsing the input into XML first? Is there any point in including
unescaped code into XML document unless it is XML itself?
Thanks.
Sincerely yours, Roman Suzi
-- rn*@onego.ru =\= My AI powered by GNU/Linux RedHat 7.3
Roman Suzi wrote: On Thu, 2 Nov 2005 noa...@gmail.com wrote: Is there a better way?
What about parsing the input into XML first? Is there any point in including unescaped code into XML document unless it is XML itself?
Indeed. My approach would be to parse the user's input using the
parseString function, to get the "root element" of this newly parsed
document, and then to import that element into the existing document
using importNode. The imported document information could then be
inserted into the existing document at a suitable place. For example:
user_doc = xml.dom.minidom.parseString(user_input)
# NOTE: Check for element or use XPath here...
user_doc_root = user_doc.childNodes[0]
imported_root = existing_doc.importNode(user_doc_root, 1)
existing_doc_location.appendChild(imported_root)
Paul no****@gmail.com wrote: In my program, I get input from the user and insert it into an XHTML document. Sometimes, this input will contain XHTML, but since I'm inserting it as a text node, xml.dom.minidom escapes the angle brackets ('<' becomes '<', '>' becomes '>'). I want to be able to override this behavior cleanly. I know I could pipe the input through a SAX parser and create nodes to insert into the tree, but that seems kind of messy. Is there a better way?
You could try version 2.13 of XIST ( http://www.livinglogic.de/Python/xist)
Code looks like this:
from ll.xist.ns import html, specials
text = "Number 1 ... the <b>larch</b>"
e = html.div(
html.h1("And now for something completely different"),
html.p(specials.literal(text))
)
print e.asBytes()
This prints:
<div><h1>And now for something completely different</h1><p>Number 1 ...
the <b>larch</b></p></div>
I hope this is what you need.
Bye,
Walter Dörwald
[no****@gmail.com] In my program, I get input from the user and insert it into an XHTML document. Sometimes, this input will contain XHTML, but since I'm inserting it as a text node, xml.dom.minidom escapes the angle brackets ('<' becomes '<', '>' becomes '>'). I want to be able to override this behavior cleanly.
Why?
You need to make a decision on how the contained xhtml is treated after
it has been inserted into the document.
1. If it is simply textual payload, then it should be perfectly
acceptable to escape those characters. Or you could include it as a
CDATA section.
2. If it needs to become a structural part of the xml document, i.e. the
elements are structurally incorporated into the document, then you need
to transform it into nodes somehow, e.g. by parsing it with sax, etc.
Although it would probably be easier to parse it into a separate DOM and
import the generated root node into your document.
Is this xhtml coming from a trusted source? Or are you accepting it from
strangers, over the internet? If the latter, there are security concerns
relating to XSS attacks that you need to be aware of.
See the following archive post for how to clean up untrusted (x)html. http://groups.google.com/group/comp....b6510990a25f9a
HTH,
--
alan kennedy
------------------------------------------------------
email alan: http://xhaus.com/contact/alan This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Rutger Claes |
last post by:
Code and problem are from PHP5:
When I execute the following piece of code, the DomException is thrown with
a message: Not Found Exception.
I assume this means that the node I extracted from the...
|
by: Skip Montanaro |
last post by:
I'm getting somewhat painfully acquainted with xml.dom.minidom. What is the
relationship between its documentElement attribute and its childNodes list?
I thought XML documents consisted of a...
|
by: johkar |
last post by:
I am confused on childNodes or children. When you have nested lists,
I would think it would all be one list in the Dom, this doesn't seem
to be the case. So how do you traverse an unordered list?...
|
by: NoCopy na |
last post by:
Using the following example:
domiframetest.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html...
|
by: Patient Guy |
last post by:
Taking the BODY element as an example, all of its style attributes
('alink', 'vlink', 'background', 'text', etc.) are deprecated in HTML 4.01,
a fact noted in the DOM Level 2 HTML specification.
...
|
by: bennett.matthew |
last post by:
Hello all,
This is probably an elementary (no pun intended) question, but I've
spent all afternoon on it and it's driving me crazy.
I have a function which dynamically adds to a table. It...
|
by: gunimpi |
last post by:
http://www.vbforums.com/showthread.php?p=2745431#post2745431
********************************************************
VB6 OR VBA & Webbrowser DOM Tiny $50 Mini Project Programmer help
wanted...
|
by: SMH |
last post by:
Normally an SVG document is loaded/parsed/interpreted inside an HTML
document using an 'object' (or 'embed') element, although there are
supposedly other ways too. The problem is, the SVG document...
|
by: vunet.us |
last post by:
I cannot append a node from XML into the HTML dom (textarea field) in
IE. But I can for the text input html elements! Is anyone aware of
this and what is the possible solution?
Thanks.
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |