Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Autocomplete widget escapes provided values #103

Open
tonthon opened this Issue · 4 comments

3 participants

tonthon Mathieu Le Marec - Pasquet Chris McDonough
tonthon

When using widget.AutocompleteWidget, the values provided are escaped.
For example when providing

 [u"John & Son"]

The resulting generated javascript is :

$('#' + oid).autocomplete({source: ["John & Son"] ...

In autocomple_input.pt :

- $('#' + oid).autocomplete({source: ${values}});
+ $('#' + oid).autocomplete({source: ${structure:values}});

Fix the issue.

tonthon tonthon referenced this issue in Pylons/deformdemo
Merged

Adding test case for deform #103 issue #13

Mathieu Le Marec - Pasquet
Collaborator

Hi, Can you provide a patch for deform itself ?

Chris McDonough
Owner

Note to self: what if someone has a ">" in one of their values?

Chris McDonough
Owner

Possibly need CDATA tag.. and.. who fucking knows. I don't.

Mathieu Le Marec - Pasquet kiorky closed this in e321bd8
Mathieu Le Marec - Pasquet kiorky referenced this issue from a commit
Commit has since been removed from the repository and is no longer available.
Mathieu Le Marec - Pasquet kiorky reopened this
tonthon

Maybe using bleach to whitelist some html tags could be an option

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.