Our web application allows the user to submit rich text (with some whitelisted HTML tags) to our server. The client-side form uses CKEDITOR to capture the rich text.
Once the user submits their input, I need to retrieve the rich text on a separate page for rendering. The render has to happen dynamically. On document ready, I pull the server side value, create a div element, and dump the rich text into the innerHTML attribute of the div.
i.e. :
var container = document.createElement('div');
div.innerHTML = '{!server_side_value}'; // String interpolation to retrieve the user's input
The problem that the server-side rich text is stored with newline characters. When I attempt to assign the innerHTML attribute, I get the "Unexpected token ILLEGAL" error. I cannot assign the string to innerHTML, nor can I pass it as an argument to a function that strips the new line characters using RegEx. Both attempts result in the 'Unexpected Token' error.
My question is: is it impossible to massage the rich text value in JavaScript because it has new line characters? I am working on a 3rd party platform, so the details of how user input is stored are somewhat hidden in a black box. However, I think I can add a hook to pre-process the data before save. In either case, I am just curious what to do in JavaScript if the server-side string returned with newline characters.
EDIT:
Here is the highlighted line in the console. The reason why I thought it had to do with the newline was because of the space between the first 'p' tag and starting of the second. I know JavaScript multiline strings must use the + operator for concatenation. Another SO user had a similar issue: Javascript: Unexpected Token ILLEGAL Error with appendChild()
var richText = '<p class="p1"><span class="s1">Here is some text.</span></p>
<p class="p1"><span class="s1">Here is some more text</span><br><br></p>';
If you're stuffing that exact thing into a js var then, yes it will care about the line feed. If you are getting it from the server via javascript, it shouldn't be an issue.
Since you didn't specify your server side language, I'll use an example with C#/Razor/MVC
var richText = '#RichText' // this is going to fail
At this point, I would do #RichText.Replace("\r\n","") or something
Your regex function fails because it's still the server side variable that contains line breaks.
Related
When i am launching the web application it is generating a state token which is dynamic value looks like this"State_token_g0=stateToken = '00aF\x2D5HSbtfsCjJbYUAayevCC5uvH9Qg5aMGSUvKEM';" and it is getting failed and throwing an error as"{"errorCode":"E0000003","errorSummary":"The request body was not well-formed.","errorLink":"E0000003","errorId":"oaewNC2ocVjS6m_EpiszsjV7Q","errorCauses":[]}".
If the dynamic value generated without "" it is getting executed.
it is not possible to delete \ from the library as well.
Tried multiple regex ^[a-zA-Z0-9]+$, [^"]+?, \d+?,\w+?, {"stateToken":([^"]+?),^[A-Z0-9a-z\~!##$%^&()_+|,./<>?]+$,[A-Z0-9a-z\], ^[A-Z0-9a-z\]+$
replace(/\\/g, '');
will replace backslashes, could you add this to your regex?
let string = "00aF\x2D5HSbtfsCjJbYUAayevCC5uvH9Qg5aMGSUvKEM";
var minusbackslash = string.replace(/\\/g, '');
//show result in result div
document.getElementById("result").innerText = minusbackslash;
<div id="result"></div>
You can remove backslashes by adding a JSR223 PostProcessor after your Regular Expression Extractor and using the following code in the "Script" area:
vars.put('State_token_g0', vars.get('State_token_g0').replaceAll('\\\\',''))
The line will replace the original value of the State_token_g0 JMeter Variable with the removed slashes.
Demo:
In the above example vars stands for JMeterVariables class instance, see the JavaDoc for full description of all functions and fields and Top 8 JMeter Java Classes You Should Be Using with Groovy article for more details on this and other JMeter API shorthands available for the JSR223 Test Elements
I've created a blog where markdown is returned as a string from my backend, however when I return a string with the correct newline characters it does not behave as expected.
I am using ngx-markdown to handle parsing of markdown characters, and using the ngPreserveWhitespaces attribute to ensure this should be functioning as expected.
Example:
// Example #1 Returned String
"## This is a subheader\n This is a sentence"
// Output
<h2>This is a subheader\n This is a sentence</h2>
It displays it as a single line with the newline character physically rendered as text, as above.
However within any of my Angular components I can literally write this same string as a property on the component and return it, and it renders correctly like so:
// Example #2 Hard Coded String
public correct: string = "## This is a subheader\n This is a sentence";
// Output
<h2>This is a subheader</h2>
<p>This is a sentence</p>
As mentioned, the markdown parser I am using is implemented as such:
<markdown ngPreserveWhitespaces>{{content}}</markdown>
I have also attempted to do this by setting ngPreserveWhitespaces within the main/tsconfig files. However I do not believe this is what the issue is, as I can (natively in JS) console.log both my returned string (#1) and the hard coded string (#2) and even my damn logs display differently (with the latter formatting correctly and the former just stringifying the output).
I have attempted:
JSON stringify/parsing the data in multiple ways (as well as without)
I have attempted using regex to manually replace characters
I have attempted to just manually use <br />
I have tried everything outlined here regarding this markdown parser handling whitespace (which I do not believe is the issue)
Nothing appears to appease the newline gods.
Solution
Okay so I've found my solution to this, I am now storing my markdown string as such:
"## This is a subheader\n This is a sentence"
This difference here is the interface I'm storing this within (a Mongo db) puts the speechmarks around string values already, so it now actually looks like this:
""## This is a subheader\n This is a sentence""
Which is more a weird thing with MongoDB Compass than with what I was attempting.
From this, I am able to JSON.parse the value correctly (previously it was attempting to do so with a string that wasn't valid JSON as it wasn't enclosed in double speechmarks).
I am now handling this in an extension of a Property class I have for each of these called HtmlProperty which when instantiated, parses the value correctly.
I need to assign a long string (4 pages worth of text) to a variable, so far I've been doing it like this
var myText = "[SOME] Text goes \
.. here ? and 'there' \
is more ( to \
come etc. !)";
slashes at the end need to be added to all of the text, and I can't imagine how long this will take to do manually. Also, I get ILLEGAL error for some reason I don't understand for the first line.
Therefore I wanted to find out the best way to handle this situation. I was looking into solutions of passing in a .txt file, but would rather do it as a really long string (this is not a production app). Also string shown in example is random, showing that there can be a lot of various characters in it that need to be accounted for.
You have to concatenate the string:
var t = ""
+"text line 1"
...
+"text line n"
But I would put the text in a text file and read it using xhr (on client) or io (on server).
You cannot have a multiline string definition in javascript but you have several options :
save your text in a file and read this file from your program
use the multiline npm module which propose a hack to use function comments as multiline string definitions
use ES6 multi-line template strings notation, which have multi-line support - https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/template_strings#Multi-line_strings
saving the text in a file would seem to me as the preferred option in your case since the text seem to be very long an potentially coming from an untrusted source. You do not want the pasted text to close the string and start doing innapropriate function calls.
Im using a well known "hack" (the json encode function) to prevent some characters to mess up my html, im receiving from an API a description field that can content single or double quotes (and other special chars). So:
<div class="someThing" data-fulldescription=<?=json_encode($textFromApi);?>>
...
</div>
Now I read that data field using jquery and then print it inside a div:
$('#brand-modal-content').html($(this).parents('.someThing').data('fulldescription'));
The problem is, the quotes are now coded by the PHP function, and some characters get replaced by "\u00e8" or "\u00f9", is there a way to reformat the text using jquery?
You are injecting content into HTML in a very wrong (and even unsafe) way. Do this instead:
data-fulldescription="<?=htmlspecialchars(json_encode($textFromApi));?>"
This way the JSON will be properly encoded and safely injected no matter what is inside; then, you can decode it like so:
var decoded = JSON.parse($(this).parents('.someThing').data('fulldescription'));
The combination of these steps will perfectly preserve the JSON no matter what it represents (you can take shortcuts if you assume it's a string, but why not be always 100% safe?). You can then do whatever you want with the decoded value.
Using CKEDITOR and its getData() method, I retrieve html character entities (unicode). How do you re-translate to the original code. I don't want to save unicode in my database. Or do you?
I made a test and outputing it from the DB into an HTML page results - as assumed - in every character of the unicode charachter set to be printed: e.g. &oulm; instead of รถ. So the user gets HTML character entities displayed.
Any clue how I can decode it before I send it into my database? I glady do it with jQuery if possible.
Set config.entities_latin and config.entities_greek to false.
CKEDITOR.replace( 'foo', {
entities_latin: false,
entities_greek: false
} );