[Ur] CMS like features ? unsafe XML - encodings?
Marc Weber
marco-oweber at gmx.de
Tue Dec 14 21:03:02 EST 2010
Many web applications are using kind of
xml += "<div>#{xml_content_from_db}</div>";
which of course is unsafe. Which is the urweb way?
Is there a blessXml function ?
How can you render unsafe xml in a page?
I had a look at the only listed application on the wiki:
https://github.com/gian/urblog
But it seems to be using kind of markup. Neither does it compile.
Something broke it. Last change was in 2009.
Which is the urweb way storing xml in a database and including it into a
page?
If we are at it: Does it make sense to encode the encoding of a string
somehow?
Eg Ruby 1.9 fixed the encoding hell by disallowing concatenating
different encodings etc - of course nothing is typed statically.
You do something liket this:
"string".force_encoding("UTF-8").encode("ISO-8859-1")
which means "assume its UTF-8, then encode as ISO-.."
Encoding and xml validation has one in common: maybe invalid code may be
taken out of a database - and ur should be able to use it and pass it
over to the user.
Marc Weber
More information about the Ur
mailing list