Solved

Processing XML

Posted on 2013-11-13
21
278 Views
Last Modified: 2013-11-22
I'm trying to create a string (from data inside an XML file) on the server then send it back to the client where it can be rendered using JavaScript.  Can anyone provide me a list of characters that cannot be embedded within a string?

Is there a way to filter out these characters?

I believe their are some characters that cannot be process due to security issues.  I just don't know which ones.

This appears to only happen when an element within the XML file contains

!DOCTYPE html PUBLIC
0
Comment
Question by:Ray Turner
21 Comments
 
LVL 30

Expert Comment

by:Alexandre Simões
ID: 39647492
First thing is that if you're building data on the server to be processed in the client by javascript it should be in JSON, not XML...
1. It's much easier to manipulate
2. It's way less data on the wire

This said, and concerning the special chars, it really depends on what you're doing with that data. If it's a string it can be whatever. Just be careful with the markup you generate.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
ID: 39647594
Just to add that you can URL encode the string on the server and send that to the browser.  I prefer to use htmlentities if you're using PHP as it will send the special characters as html codes: http://php.net/manual/en/function.htmlentities.php

see here for a simple example:
http://jsbin.com/iJisUtin/2/edit

window.onload = function() {
  document.body.innerHTML = '<!DOCTYPE html PUBLIC>';
 
};
0
 
LVL 28

Expert Comment

by:sybe
ID: 39647709
The question is unclear to me.

There is no list of characters that can not be embedded in a string.
If you mean to ask about invalid characters in an XML document, yes there are.
But you do not have to worry about it if you build XML using an XML object instead of building a string which you hope to be valid XML.
0
 

Author Comment

by:Ray Turner
ID: 39648108
So WriteXml takes care of the invalid characters?
0
 

Author Comment

by:Ray Turner
ID: 39648264
Here's exactly what I'm trying to do:
1. Store data in XML
2. Query the data using LINQ
3. The results are sent back to the client
4. Data is then rendered using JavaScript setting innerHTML

document.getElementById('data').innerHTML  = [Value Returned];

This does not  work when the data returned contain DOCTYPE.  That's why I wonder if some character(s) could be the cause of this behavior.

Any ideas???
0
 

Author Comment

by:Ray Turner
ID: 39648858
Here the block of XML data I can't read.

<?xml version="1.0" standalone="yes"?>
<NewDataSet>
  <xs:schema id="NewDataSet" xmlns="" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
    <xs:element name="NewDataSet" msdata:IsDataSet="true" msdata:UseCurrentLocale="true">
      <xs:complexType>
        <xs:choice minOccurs="0" maxOccurs="unbounded">
          <xs:element name="Services">
            <xs:complexType>
              <xs:sequence>
                <xs:element name="ID" type="xs:int" minOccurs="0" />
                <xs:element name="Title" type="xs:string" minOccurs="0" />
                <xs:element name="Description" type="xs:string" minOccurs="0" />
                <xs:element name="Inactive" type="xs:boolean" minOccurs="0" />
                <xs:element name="DisplayOrder" type="xs:int" minOccurs="0" />
              </xs:sequence>
            </xs:complexType>
          </xs:element>
        </xs:choice>
      </xs:complexType>
    </xs:element>
  </xs:schema>
  <Services>
    <ID>5</ID>
    <Title>Provide information on interviewing</Title>
    <Description>&lt;!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"&gt;
&lt;html xmlns="http://www.w3.org/1999/xhtml"&gt;
      &lt;head&gt;
            &lt;meta http-equiv="Con</Description>
    <Inactive>false</Inactive>
    <DisplayOrder>4</DisplayOrder>
  </Services>
  <Services>
    <ID>6</ID>
    <Title>Conduct training sessions, workshops or seminars</Title>
    <Description />
    <Inactive>false</Inactive>
    <DisplayOrder>5</DisplayOrder>
  </Services>
</NewDataSet>
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
ID: 39649319
What's your JavaScript code? Can you post what you've got so far? The data on the xml looks fine and its url encoded with html entities already so I can't see an obvious issue without seeing your JavaScript code
0
 

Author Comment

by:Ray Turner
ID: 39649408
This is JQuery.

            var myResults = e.result.split('|');

            $("#BulletPoints").hide('fast');

            $('#BulletPoints').html(myResults[0]);

            $("#BulletPoints").fadeIn(800);
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
ID: 39649433
ok thanks for that (fyi jquery is javascript).

What is in the result that you are wanting to split?

Can you please put console.log(result); before that line and post what that returns in the console (press F12 and click on the console tab).  I suspect that the string isn't always a pipe (|) separated file?
0
 

Author Comment

by:Ray Turner
ID: 39649532
Here's the string it is returning:

"<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">" & vbLf & "<html xmlns="http://www.w3.org/1999/xhtml">" & vbLf & "      <head>" & vbLf & "            <meta http-equiv="Con"

It never makes it to the JavaScript.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
ID: 39649579
When you say it never makes it to the javascript how do you know that is the string it is returning?  Was that the output to the "console.log"?
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
ID: 39649591
the test above should be console.log(e.result); - my mistake.

Can you post the link your jquery is using to get the data?  I can then set up a test online to show you how to get the data into your webpage.
0
 

Author Comment

by:Ray Turner
ID: 39650040
A callback for JavaScript executes the following code on the server

     Dim doc = XDocument.Load(MapPath(Application("AppData") + "Services.xml"))
         Dim query = From Services In doc...<Services> _
                           Where Services.<ID>.Value = CInt(e.Parameter) _
                                 Select Services.<ID>.Value, _
                                 Services.<Description>.Value

This LINQ query returns the following string
"<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">" & vbLf & "<html xmlns="http://www.w3.org/1999/xhtml">" & vbLf & "      <head>" & vbLf & "            <meta http-equiv="Con"

Any query that do not return a string of this type works.
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
ID: 39650076
Ok if that's the case what are you wanting do with that string? what if do want show?  JavaScript can parse the xml giving you access an dom object that can traverse get individual elements value the xml
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
ID: 39650142
As i see it the hardest part is knowing what is going to be returned to the javascript.  Please do some tests with the console.log(e.result) and post when you get.
0
 

Author Comment

by:Ray Turner
ID: 39650405
I may have found the problem.

I modified the JavaScript to the following.  And it works!  I just need to remove the '& vbLf &'

I'll let you know what I find.

            var myResults = e.result.split('|');

            $("#BulletPoints").hide('fast');

            var test = '"<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">" & vbLf & "<html xmlns="http://www.w3.org/1999/xhtml">" & vbLf & "      <head>" & vbLf & "            <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>" & vbLf & "            </title>" & vbLf & "            <style type="text/css">" & vbLf & "                  .cs37063928{text-align:left;margin:0pt 0pt 0pt 0pt;list-style-type:disc;color:#000000;background-color:transparent;font-family:Arial;font-size:12pt;font-weight:normal;font-style:normal}" & vbLf & "                  .csE8AC24F0{color:#000000;background-color:transparent;font-family:Arial;font-size:12pt;font-weight:normal;font-style:normal;}" & vbLf & "                  .cs2654AE3A{text-align:left;text-indent:0pt;margin:0pt 0pt 0pt 0pt}" & vbLf & "                  .cs63EB74B2{color:#000000;background-color:transparent;font-family:Times New Roman;font-size:12pt;font-weight:normal;font-style:normal;}" & vbLf & "            </style>" & vbLf & "      </head>" & vbLf & "      <body>" & vbLf & "            <ul style="margin-top:0;margin-bottom:0;">" & vbLf & "                  <li class="cs37063928"><span class="csE8AC24F0">Understand the process of career preparation. </span></li><li class="cs37063928"><span class="csE8AC24F0">Understand the differences between career development, career planning and management. Identify accomplishments, strengths, and limitation. </span></li><li class="cs37063928"><span class="csE8AC24F0">Identify key and support players to build a viable network. </span></li><li class="cs37063928"><span class="csE8AC24F0">Recognize/accept responsibility for self-awareness. </span></li><li class="cs37063928"><span class="csE8AC24F0">Construct a career development roadmap. </span></li><li class="cs37063928"><span class="csE8AC24F0">Become familiar with Career Development Planning and Management Tools.</span></li></ul>" & vbLf & "            <p class="cs2654AE3A"><span class="cs63EB74B2">&nbsp;</span></p></body>" & vbLf & "</html>" & vbLf & ""';

            $('#BulletPoints').html(test);

            //$('#BulletPoints').html(myResults[0]);

            $("#BulletPoints").fadeIn(800);
0
 
LVL 42

Expert Comment

by:Rob Jurd, EE MVE
ID: 39650476
it's easy enough for the javascript to remove all the vbLf using the replace / regex function.  I would then parse it as html and pull out the detai you need, eg just the html within the body.

test = test.replace(/&[ ]+vbLf[ ]+&/g,"");
test = test.replace(/\"/g,"");
0
 

Author Comment

by:Ray Turner
ID: 39650950
Thanks tagit,

I need to do that on the server, then send the string back to the client.  Do you have a Visual Basic version of this?

By the way, I'm using the new Visual Studio 2013 that was just released earlier this week.  This may be a bug :)
0
 

Accepted Solution

by:
Ray Turner earned 0 total points
ID: 39654074
Thanks.  I wrote the following code to resolve the issue.

   Shared Function RemoveDOCTYPE(inString As String) As String
      Dim ret As String = inString

      If inString.Contains("<!DOCTYPE") Then
         Dim pos1 As Integer = ret.IndexOf("<!DOCTYPE html")
         Dim pos2 As Integer = ret.IndexOf("/>", pos1)

         ret = ret.Substring(pos2 + 2)
         ret = ret.Replace("<title>", "")
         ret = ret.Replace("</title>", "")
         ret = ret.Replace("</head>", "")
         ret = ret.Replace("<body>", "")
         ret = ret.Replace("</body>", "")
         ret = ret.Replace("</html>", "")
      End If

      Return ret
   End Function
0
 
LVL 42

Assisted Solution

by:Rob Jurd, EE MVE
Rob Jurd, EE MVE earned 500 total points
ID: 39654101
Good job, beat me to it ;)  Just be aware that <head> and <body> tags will still be present in the xml you're sending so it could still have unexpected results.
0
 

Author Closing Comment

by:Ray Turner
ID: 39668426
This is appears to be the best solution.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Many times as a report developer I've been asked to display normalized data such as three rows with values Jack, Joe, and Bob as a single comma-separated string such as 'Jack, Joe, Bob', and vice versa.  Here's how to do it. 
This article discusses how to create an extensible mechanism for linked drop downs.
In this tutorial viewers will learn how to embed Flash content in a webpage using HTML5. Ensure your DOCTYPE declaration is set to HTML5: "<!DOCTYPE html>": Use the <object> tag to embed Flash content.: To specify that the object is Flash content, d…
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now