My favorites | Sign in
Project Home Issues
New issue   Search
for
  Advanced search   Search tips   Subscriptions
Issue 400: Option to skip htmlEscape()
1 person starred this issue and may be notified of changes. Back to list
Status:  WontFix
Owner:  ----
Closed:  Mar 2010


Sign in to add a comment
 
Reported by JamesIArmes@gmail.com, Mar 15, 2010
I'm trying to return HTML and in some cases special characters (such as &) 
for my events.  However, the title always gets passed to htmlEscape() and my 
contents are displayed as the actual HTML that is passed in.  In my case, I 
know that the HTML is clean and don't need this function to be called at 
all, so it would be nice if there were an option to skip it.

In the mean time, I have added a callback for eventRender that simply re-
writes the contents of the title span.  This is not ideal, but it prevents 
future breakage whereas modifying htmlEscape() to always return s would 
break on a future update.
Mar 15, 2010
Project Member #1 adamrs...@gmail.com
can you give me more examples of what you are trying to put in your titles? you should 
be able to achieve special characters easily w/ the literal unicode characters in the 
title string (granted you have the correct html encoding type). also, if you wanted a 
'&' character, you would just include a single '&' character in the string, not 
'&'
Mar 16, 2010
#2 JamesIArmes@gmail.com
The ampersand is one of the characters I am having issues with. Quotes, non-breaking 
spaces and some UTF-8 characters are also causing issues. There are also HTML tags 
such as strong, em and even the occasional br or img.

I could call html_entity_decode() in PHP before returning the events, but I really 
don't like this idea since only the ampersand is going to be re-encoded. It also 
seems like extra work to decode characters just so they can be encoded again. This 
also doesn't solve the issue with the HTML tags.

Thanks for such a quick response.
Mar 29, 2010
#3 jprof...@gmail.com
I also needed the ability to skip htmlEscape().  I wound up doing alot of
customization of the uncompressed fullcalendar.js.  needed the ability to insert
images, css formatting, etc in events.

Of course, removing htmlEscape() means you need to be careful of what you send to the
client, so if you go this router, be sure you properly escape data, otherwise it will
break the view or throw a js error.
Mar 30, 2010
Project Member #4 adamrs...@gmail.com
an option to skip htmlEscape seems like a hacky solution and would be a pitfall for 
many people. your best bet is to do html manipulation in eventRender:
http://arshaw.com/fullcalendar/docs/event_rendering/eventRender/
Status: WontFix
Jan 11, 2011
#5 vai...@manoakys.lt
Personally me, wanted to use some html in columnFormat week view. Simply i've added span for extra design formatting:
columnFormat: {week: '\'<span class="big_day">\'d\'d.\',\'</span>\' dddd'}

Everything works until day change, where html escape starts escaping column title string...
Feb 12, 2011
Project Member #6 adamrs...@gmail.com
this is actually going to be fixed in the upcoming 1.5...
Sign in to add a comment

Powered by Google Project Hosting