I'm porting an older grails application to the new version (2.3.7), and I'm getting an error I don't know how to fix... Anyone here got any ideas?
On one of the webpages, I have a semi-large javascript calculating amounts. The site is multi-language, so the calculation and formatting of the amount is country-dependant. The code looks something like this:
<script type="text/javascript">
<!--
... a lot of other javascript
// format an amount to display - country dependant
function formatAmount (amount) {
${country.javaScriptAmount}
}
... a lot of other javascript
//-->
</script>
The code for formatting amounts is in the per-country-constants variable "country" - it's a constant string (and declared "final"). In the old grails-version this worked fine, and the rendered page look like this:
// format an amount to display - country dependant
function formatAmount (amount) {
... other code
var krString
if (kkr > 0)
if (kronor < 10)
krString = kkr + " 00" + kronor
else if (kronor < 100)
krString = kkr + " 0" + kronor
else
krString = kkr + " " + kronor
else
krString = kronor.toString ()
... other code
}
But in the new version it looks like this:
function formatAmount (amount) {
... other code
var krString
if (kkr > 0)
if (kronor < 10)
krString = kkr + " 00" + kronor
else if (kronor < 100)
krString = kkr + " 0" + kronor
else
krString = kkr + " " + kronor
else
krString = kronor.toString ()
... other code
}
How can I stop grails from converteing /" to >/</" when rendering the value of a variable in the GSP-file? I'd be most grateful for some advice! :-)
Anders from Sweden
To prevent Cross Site Scripting grails escapes all content in ${} expressions.
You could force grails to stop encoding your expressions by using the raw codec like this:
${raw(country.javaScriptAmount)}
or
<g:encodeAs codec="Raw">
${country.javaScriptAmount}
</g:encodeAs>
or
${country.javaScriptAmount.encodeAsRaw()}