Jump to content

Safeguarding against malformed HTML


mambabomba
 Share

Recommended Posts

Hi,I'm working on a website that will include views for a product catalog as well as individual products.The products' descriptions will be entered by people with no knowledge of HTML and, as the test run we did shown, they will be riddled with errors - the most common of which are missing, misplaced or redundant closing tags.I wonder if there is a way to encapsulate the unsafe HTML other than with frames?

Link to comment
Share on other sites

maybe you should give them sort of BBC code editor like the one used in the forums, so that way then can input text, and then just choose the formatting they want with any of the given options/button, rather than forcing them to write their own HTML tags.

Link to comment
Share on other sites

HTML can't do anything, much less actually perform input validation. It's just a markup language. You're best off trying to fix it on the server-side, when the descriptions are submitted for storage.

Link to comment
Share on other sites

Rather than using a plain textarea, have you looked into using a WYSIWYG editor? TinyMCE is pretty good.Another alternative is to create a display area where the user's HTML shows up formatted text, rather than as a string of HTML text.Both require a touch of JavaScript, but not much.

Edited by Deirdre's Dad
Link to comment
Share on other sites

Thank you all for your help, seems like server-side cleanup it is.@Deirdre's DadWe are using a WYSIWYG editor, but it is rare for people to just type in the text and apply the formatting - usually they write in Word and copy from there, or copy existing HTML, or mix and match all three methods. And just to top it off add the HTML imported from clients and partners - much more of it and usually in much worse shape.@Synook Just to pick some nits, if HTML don't do nothin' then you could say the same of any other language - it is the interpreting program (or machine, or whatever) that does stuff. In HTML's case it's the browser, and as far as I know those things actually do fix the markup, or at least they try. What I was hoping for with my original question was a way to tell the browser that when it is doing the cleanup it should treat the specified portion of the document as a separate entity, fix its markup, and only then merge it with the rest of the document.

Link to comment
Share on other sites

Thank you all for your help, seems like server-side cleanup it is.@Deirdre's DadWe are using a WYSIWYG editor, but it is rare for people to just type in the text and apply the formatting - usually they write in Word and copy from there, or copy existing HTML, or mix and match all three methods. And just to top it off add the HTML imported from clients and partners - much more of it and usually in much worse shape.@Synook Just to pick some nits, if HTML don't do nothin' then you could say the same of any other language - it is the interpreting program (or machine, or whatever) that does stuff. In HTML's case it's the browser, and as far as I know those things actually do fix the markup, or at least they try. What I was hoping for with my original question was a way to tell the browser that when it is doing the cleanup it should treat the specified portion of the document as a separate entity, fix its markup, and only then merge it with the rest of the document.
HTML doesn't do anything. It can't manipulate information in any way. HTML is just a language that tells the browser how to display the information.
Link to comment
Share on other sites

The point I was trying to make is that HTML isn't a programming language, you can't perform computational tasks (such as validation) using it. Actual programming languages (at least imperative ones) describe processes that can be executed by a computer, but HTML just describes content. Sorry if I came across as facetious - I was just trying to highlight the functional difference between markup and programming languages, and the expectations you should have for both types.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...