• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: ERXLocalizer.localizedValueForKey and unwanted method invocation
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ERXLocalizer.localizedValueForKey and unwanted method invocation

  • Subject: Re: ERXLocalizer.localizedValueForKey and unwanted method invocation
  • From: Lachlan Deck <email@hidden>
  • Date: Tue, 16 Feb 2016 22:54:22 +1100
Hi Sharpy,

I suspect using similar techniques to the prevention of sql injection as so on would be needed here.
i.e., the string should be encoded / deencoded before being passed to or read from localizedValueForKey.

cheers,
Lachlan

> On 16 Feb 2016, at 9:16 PM, email@hidden wrote:
>
> Hello list,
>
> I’ve been using ERXLocalizedString for render time localisation support.
>
> It recently fell over when an EO attribute value was bound starting with the character '@'.
>
> The KVC support in ERXLocalizer.localizedValueForKey identifies my String as containing the _localizerMethodIndicatorCharacter char ('@') at index position 0. Since my string (eg "@tester") is not one of the NSArray.operatorNames() values it throws InvocationTargetException for ERXLocalizer.tester()
>
> For now I'm wrapping my attribute value in my component class and returning the value of ERXStringUtilities.localizedStringForKey which bypasses ERXLocalizer and calls WOApplication.application().resourceManager().stringForKey( key, "Localizable", key, framework, languages) directly.
>
> I do enjoy the convenience of ERXLocalizedString though. I'm thinking of perhaps adding a binding to indicate that I don't require keypath resoltion, and it could just call ERXStringUtilities.localizedStringForKey
>
> Any other suggestions?
>
> Thanks,
>
> Sharpy..
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Webobjects-dev mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >ERXLocalizer.localizedValueForKey and unwanted method invocation (From: "email@hidden" <email@hidden>)

  • Prev by Date: ERXLocalizer.localizedValueForKey and unwanted method invocation
  • Next by Date: Apache 2.4 WebObjects adaptor for CentOS 6 i86_64
  • Previous by thread: ERXLocalizer.localizedValueForKey and unwanted method invocation
  • Next by thread: Apache 2.4 WebObjects adaptor for CentOS 6 i86_64
  • Index(es):
    • Date
    • Thread