Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
Description
(I've reported this problem to commons-user before. See thread "[jelly] body as unescaped xml".)
The following snippet exposes the problem:
<j:set var="foo">
<foo/>
</j:set>
${foo}
I expected the output to be "<foo></foo>" (or "<foo/>") but it is actually "<foo></foo>".
The problem is that there is no way to control this behaviour. The reason is that the factory methods of XMLOutput by default return an instance which escapes body text with XML entities (as in the example). In many applications this makes sense, but ss Jelly is primarily a tool to manipulate XML, I think the default should be not to escape XML. (Also read the discussion in http://www.mail-archive.com/commons-user@jakarta.apache.org/msg02750.html.)
In the example the variable "foo" actually gets assigned the String value "<foo></foo>", which is escaped when it's dereferenced using "${foo}". The question is whether the value should really be a String. Shouldn't it really be XML?