Posted by noah on 12/02/06 17:53

Hi,

Thanks for the quick responses. I should have been more clear about the
submit.

I have simple java servlet (a Sping FrameworkServlet) running on a
tomcat app server. It does some basic processing of the HttpRequest.

The behavior I am seeing is, I can type a basic string in the textarea,
e.g. "Helllo", and click submit. Debugging the servlet on the server I
can see the request come in fine, with the 'Hello' string set as the
value on my parameter named 'xml'.

However, if I then repeat the test but place XML formed data, e.g. :
<?xml version="1.0" encoding="ISO-8859-1"?>
<note>
<to>Jim</to>
<from>Bob</from>
<body>Don't forget this weekend!</body>
</note>

The form does not seem to submit. I do not catch the HttpRequest on the
server.

If an HTML textarea does indeed submit precisely what is pasted, then
my problem may lay elsewhere. My first hunch though was that the
problem was on the browser/html side.

Thx,
Noah





Harlan Messinger wrote:
> noah wrote:
> > My user needs to cut and paste XML and submit it using a simple HTML
> > form.
> >
> > I have created a textarea:
> >
> > <textarea rows="10" cols="60" name="xml">
> > </textarea>
> >
> > The problem is the special characters in the XML mess up the submit. I
> > need everything pasted to this textarea to be treated like CDATA (I
> > think), or somehow full escaped.
>
> Can you be more clear than "mess up the submit"? What is the actual
> error that's occurring? Characters like <, >, ', ", etc. work just fine
> in forms. The most likely problem that comes to mind is that you're
> trying to put the data into a database by building a query string in
> your application like
>
> sql = "insert into T (xml) values ('" + xmlInput + "')";
>
> and the input data has apostrophes (single quotes) in it that need to be
> escaped to keep the SQL engine from treating them as delimiters in the
> query.

[Back to original message]