[seam-dev] @WebSafe annotation
Kevin Pollet
pollet.kevin at gmail.com
Sun Jun 12 10:34:40 EDT 2011
Hi all,
+1
I think it's useful to allow customization of the constraint. As said Shane
the annotation should provide an enum allowing to use all built-in JSoup
whitelist and allow the user to specify its whitelist implementation.
--Kevin
Le dimanche 12 juin 2011 à 13:14, Gunnar Morling a écrit :
> Hi George,
>
> I added some comments to your pull request.
>
> With respect to Shane's whitelist suggestion you might have a value()
> attribute accepting an enumeration with the standard whitelist
> implementations and alternative attribute Class<? extends Whitelist>
> whiteListClass() which allows to specify custom whitelist classes.
>
> --Gunnar
>
>
> 2011/6/12 George Gastaldi <gegastaldi at gmail.com (mailto:gegastaldi at gmail.com)>:
> > Cool ideas. Will implement it ASAP
> >
> > Em 12/06/2011, às 02:06, Shane Bryzak <sbryzak at redhat.com (mailto:sbryzak at redhat.com)> escreveu:
> >
> > > Looks good, although I wouldn't hard code Whitelist.basic() as the default... instead I would make Whitelist.relaxed() the default, and then perhaps allow the developer to override it by specifying an enum value for the validation level allowed on the @WebSafe annotation. E.g:
> > >
> > > // Default would use Whitelist.relaxed()
> > > private @WebSafe String content;
> > >
> > > // This would use the basic whitelist
> > > private @WebSafe(basic) String content;
> > >
> > > // Basic whitelist plus images
> > > private @WebSafe(basicWithImages) String content;
> > >
> > > It would even be nice to somehow allow the developer to specify their own whitelist, if you can work out an elegant way to implement it.
> > >
> > >
> > > On 12/06/11 12:46, George Gastaldi wrote:
> > > > Hey Shane,
> > > >
> > > > I implemented the @WebSafe annotation you mentioned on Hibenate Validator.
> > > > The pull request is https://github.com/hibernate/hibernate-validator/pull/61
> > > >
> > > > Regards,
> > > >
> > > > George Gastaldi
> >
> > _______________________________________________
> > seam-dev mailing list
> > seam-dev at lists.jboss.org (mailto:seam-dev at lists.jboss.org)
> > https://lists.jboss.org/mailman/listinfo/seam-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/seam-dev/attachments/20110612/186946d2/attachment.html
More information about the seam-dev
mailing list