Escaping html

(( replace “[” with less-than and “]” with greater-than in what follows )

Is there a way to use the angularJS idea of filters to cause html contained in variables to be displayed in it’s source format in a text widget with bonita?

Ie - if:

x = “the quick brown fox”;

I want to display this in a text widget, using a syntax like …

{{ x | filterNameHere }}

And to see it rendered like the original text so I see the “[” and “]”.

I would have though this should be a standard feature, otherwise users can enter html into forms and cause all kinds of havoc when that data is later used in text widgets (clever using of [script] could be really bad) - but I cant find a filter for this.

If I need to write my own filter, where should I put the file that it’s coded in?

Thanks guys.

C

Drop that – I’ve worked it out.

In case you’re interested: write a “.js” file and declare it as an asset to your page. The example below creates a filter called “clean”…

angular.module("bonitasoft.ui.filters").filter("clean", function() { return function(input) { return input. replace(/&/g, "&"). replace(//g, ">"); }; }); (not sure how to get the forum to respect leading white space in code - sorry)

With that in place, you can then just use syntax like the following to filter the variable content to taste.

{{ myvar | clean }}

Chris

C