How to get rid of unwanted markup escaping in form content returned from xforms:textarea? (and for the text in rich text editor?)

Whenever I save data from a xforms:textarea such as to Exist DB something is always escaping the brackets on the mark-up before it is stored - what is doing this? and how do I get rid of the escaping and save real markup from textareas?

I would like to allow users to add their own XML markup free form through some areas in my Orbeon forms such as textareas and search it as XML in the store rather than all garbled. Such as for my content bucket textarea:

<xforms:textarea ref="div" mediatype="text/html" incremental="true">
    <xforms:label>Content</xforms:label>
       <xforms:action ev:event="xforms-value-changed"> 
         <xforms:setvalue ref="xxforms:instance('document-instance')/div"
                        value="xxforms:instance('document-instance')/div"/>
         <xforms:recalculate/> 
       </xforms:action>
</xforms:textarea>

I have been trying all sorts of things to get rid of this and the best progress I have made so far is with saxon:parse() but I can't get the data going both ways in and out of data store and it seems like a hack rather than a solution to my problem e.g.

<xsl:copy-of select="saxon:parse(concat('&lt;div&gt;', string(.), '&lt;/div&gt;'))"/>

In one of the previous threads I read something about the escaping being there to make the system more secure and stop injection which could be a problem for some users. I think the problem for me is that I don't know what is doing the escaping and don't no how to remove it. I want to remove it by default and add my own escaping manually for security only where I really need it! I also noticed there are also several of the demo files for XSLT and XQuery escaped which I found confusing as I couldn't easily search those out either and their contents are viewed as XML in the sandbox areas.

From further investigation in previous threads it appears that XFORMS/Orbeon currently has some issues using mixed content - this seems like a fairly big issue as most of the top mark-up lanaguages have mixed content such as docbook, xhtml, rss etc. There seem to be a lot of different work arounds using Java replace functions or two extention functions that were recommended on previous threads which could be used either from XFORMS or XSLT which were:

XML to xhtml use saxon:serialize()
XHTML to XML by using saxon:parse()

I hope to use these functions from XFORMS... My instance is bound to the schema and may know that my content div can contain any valid XML. I tried something like the following but it is not working

<xforms:textarea ref="div" mediatype="text/html">
   <xforms:label>Content</xforms:label>
   <xforms:action ev:event="xforms-value-changed"> 
     <xforms:setvalue ref="saxon:serialize(xxforms:instance('document-instance')/div)"
                             value="saxon:parse(xxforms:instance('document-instance')/div)"/>
     <xforms:recalculate/> 
   </xforms:action>
</xforms:textarea>

Does anyone know how to implement these functions in the XFORMS? do I need to add binds as well as the schema bind? or how should I use functions differently?

Gary,

The textarea, just like other XForms controls, only sets the text
inside the node it is bound to. It is even an error to bind a control
to an element that contains other elements. This explain the
"escaping" behavior you see. So like you said, if you need to have
XML, you'll need to use saxon:parse() on the node bound to the
textarea, and store that XML somewhere else. You can use this function
in XForms.

Alex


On Wed, Mar 10, 2010 at 3:24 AM, Gary C <[hidden email]> wrote:

--
Orbeon Forms - Web forms, open-source, for the Enterprise -
http://www.orbeon.com/
My Twitter: http://twitter.com/avernet


--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
OW2 mailing lists service home page: http://www.ow2.org/wws