public interface UIBodyWriter
Important: To prevent XSS issues, the methods addSafeAttribute(String, String)
and addSafeInnerHTML(String)
must be used.
The use of the script tag (<script>
) is strongly discouraged.
It is recommended to use the UIJavaScriptWriter
instead.
Modifier and Type | Method and Description |
---|---|
UIBodyWriter |
add_cr()
Adds a carriage return to the body stream.
|
UIBodyWriter |
add_cr(String text)
Adds the specified string to the body stream,
then adds a carriage return to the body stream.
|
UIBodyWriter |
add(int integer)
Adds an integer to the body stream.
|
UIBodyWriter |
add(String aString)
Adds the specified string to the body stream.
|
UIBodyWriter |
add(UserMessage aUserMessage)
Adds a user message in the current session's locale to the body stream.
|
UIBodyWriter |
addSafeAttribute(String aName,
String aValue)
Adds an HTML attribute to the body stream, following the pattern:
aName="aValue"
If the given attribute value contains double quotes, the quotes will be escaped.
|
UIBodyWriter |
addSafeAttribute(String aName,
UserMessage aValue)
Adds an HTML attribute to the body stream, following the pattern:
aName="aValue"
If the given attribute value contains double quotes, the quotes will be escaped.
|
UIBodyWriter |
addSafeInnerHTML(String text)
Escapes all '<' and '>' characters in the given string, then adds the string to the body stream.
|
UIBodyWriter |
addSafeInnerHTML(UserMessage aUserMessage) |
UIBodyWriter add(String aString)
aString
- body content (HTML or simple text, depending on the document type).UIBodyWriter addSafeInnerHTML(String text)
text
- body content (HTML or simple text, depending on the document type).UIBodyWriter addSafeInnerHTML(UserMessage aUserMessage)
UIBodyWriter addSafeAttribute(String aName, String aValue)
aName="aValue"
If the given attribute value contains double quotes, the quotes will be escaped.
This method must be used to avoid cross-site scripting (XSS) issues.aName
- the name of the attributeaValue
- the value of the attributeUIBodyWriter addSafeAttribute(String aName, UserMessage aValue)
aName="aValue"
If the given attribute value contains double quotes, the quotes will be escaped.
This method must be used to avoid cross-site scripting (XSS) issues.aName
- the name of the attributeaValue
- the value of the attributeUIBodyWriter add(int integer)
integer
- an integer to add to the body.UIBodyWriter add(UserMessage aUserMessage)
aUserMessage
- a user message.UIBodyWriter add_cr()
UIBodyWriter add_cr(String text)
text
- body content (HTML or simple text according the document type).