Escaping special characters in RAW/BLOB

Hi!
I have a BLOB column that needs to be exported into a CSV Textfile. Sounds a bit scary but works fine when you escape the critical bytes.
I need to do the following replacement:
5C -> 5C 5C ( = \ )
22 -> 5C 22 ( = " )
00 -> 5C 30 ( = ?? )
0A -> 5C 0A ( = LF )
0D -> 5C 0D ( = CR )
If I use the replace function on my raw string, I can replace the bytes representing characters or numbers without a problem. " and \ also works fine but the nonprintable ones don't work - I guess implicit type conversion to varchar is the cause.
Anyway, I want to replace this stuff, but I couldn't find any native binary replace function. How can this be done? Do I have to write my own function? I fear byte by byte manipulation in PL/SQL on large data will not be very performing...
Thanks, Mac

so here's my function, feel free so use
function get_raw_escaped (
pv_data_source raw
return raw
is
lv_data_escaped raw(32767) := null;
lv_length          number;
lv_offset          number;
lv_chunk_bin     raw(100);
lv_chunk_hex     varchar2(100);
begin
     lv_length := utl_raw.length(pv_data_source);
     if lv_length = 0 then return null; end if;
     for lv_offset in 1..lv_length loop
          lv_chunk_bin := utl_raw.substr (pv_data_source, lv_offset, 1);
          lv_chunk_hex := rawtohex(lv_chunk_bin);
          CASE lv_chunk_hex
               WHEN '00' THEN lv_chunk_hex := '5C30';
               WHEN '0A' THEN lv_chunk_hex := '5C0A';
               WHEN '0D' THEN lv_chunk_hex := '5C0D';
               WHEN '22' THEN lv_chunk_hex := '5C22';
               WHEN '5C' THEN lv_chunk_hex := '5C5C';
          ELSE null;
          END CASE;
          lv_chunk_bin := hextoraw(lv_chunk_hex);
          lv_data_escaped := utl_raw.concat(lv_data_escaped, lv_chunk_bin);
     end loop;
     return lv_data_escaped;
end;

Similar Messages

  • SQL Injections and XSS - Escaping Special Characters

    Hi, hope someone can help in regards to security and SQL Injections and XSS.
    We are using APEX 4.0.2 on Oracle 11.2.0.2.
    1. It seems the special characters we have entered into normal 'Text Items' 'Text Areas' etc are not being escaped (ie <,>,&, '). If I enter them into the field (ie Surname) they are saved as is into session state and the database - no escaping. Am I missing something such as an environment setting as I thought the "smart" oracle escaping rules would cater for this.
    Surely I don't have to manually do each of then.
    Just to confirm, am I looking in the correct places to assess if the characters are escaped or not - ie should they show as '&amp;&lt;&gt;' in session state and/or the database ?
    2. Also, for the Oracle procedures such as '‘wwv_flow.accept’ , ‘wwv_flow.show’ , 'wwv_flow_utilities.show_as_popup_calendar' - do these escape special characters. If not, then they must be vulnerable to SQL Injections attacks.
    Thx
    Nigel

    Recx Ltd wrote:
    Just to pitch in, escaping values internally (either in the database or session state) is extremely problematic. Data searches, string comparison, reporting and double escaping are all areas which suffer badly when you do this.
    Stripping characters on input can also cause problems if not considered within the context of the application. Names such as "O'Niel", statistical output such as "n < 300", fields containing deliberate HTML markup can be annoying to debug. In certain situations stripping is totally ineffective and may still lead to cross-site scripting.
    Apex applications that share the database with other applications will also be affected.
    The database should contain 'raw' unfettered data and output should be escaped properly, as Joel said, at render time. Either with Apex attributes or using PLSQL functions such as htf.escape_sc() as and when required.Do not needlessly resurrect old threads. After a couple of months watches expire and the original posters are not alerted to the presence of your follow-up.
    Shameless plug: If you are in the game of needing to produce secure Apex code, you should get in touch.This crosses the line into spam: it violates the OTN Terms of Use&mdash;see 6(j).
    Promotional posts like this are liable to be removed by the moderators.

  • How to escape special characters in Simple Transformation

    Hi Experts,
    I have got a problem to get a well formed xml document from the below simple transformation. The content of maktx contains
    special characters like & <, which are not allowed in a well formed XML-Document. But the result of the Simple Transformation
    contains this charcters even after the transformation as you can the in the result below. Has anyone a hint how to escape the
    characters included in the maktx.
    The transformation for maktx, should be something like
    Before: Material & < TEST
    After: Material &amp &lt TEST
    Report wihich calls the simple transformation
    types:
    BEGIN OF t_mat,
       matnr type matnr,
       maktx type maktx,
    end of t_mat.
    Data:
      mat type t_mat,
      xml_stream type xstring.
    START-OF-SELECTION.
    mat-matnr = '4711'.
    mat-maktx = 'Material & < Test'.
    CALL TRANSFORMATION ztest_st2
            SOURCE mat = mat
            RESULT XML xml_stream.
    CALL FUNCTION 'DISPLAY_XML_STRING'
      EXPORTING xml_string = xml_stream.
    Simple Transformation
    <?sap.transform simple?>
    <tt:transform xmlns:tt="http://www.sap.com/transformation-templates">
      <tt:root name="MAT"/>
      <tt:template>
        <Leistungsschild>
            <CHARACT> MATNR </CHARACT>
            <CHARACT_DESCR> Materialnummer </CHARACT_DESCR>
            <VALUE tt:value-ref="MAT.MATNR"/>
            <CHARACT> MAKTX </CHARACT>
            <CHARACT_DESCR> Materialkurztext </CHARACT_DESCR>
            <VALUE tt:value-ref="MAT.MAKTX" />
        </Leistungsschild>
      </tt:template>
    </tt:transform>
    RESULT
    <?xml version="1.0" encoding="utf-8" ?>
    <Leistungsschild>
      <CHARACT>MATNR</CHARACT>
      <CHARACT_DESCR>Materialnummer</CHARACT_DESCR>
      <VALUE>4711</VALUE>
      <CHARACT>MAKTX</CHARACT>
      <CHARACT_DESCR>Materialkurztext</CHARACT_DESCR>
      <VALUE>Material & < Test</VALUE>   </Leistungsschild>

    Hi Sandra,
    First of all thaks for your quick answer to my problem.
    I see what you mean and get the same result, if I am using data-type string instead of xstring. But the recommendation in the XML-Books of SAP is to use XSTRING to save memory and circumflex problems between Codepages, when writing the XML-Stream to a filesystem.
    As you can see in the code abvoe I am using a SAP-FM to display the XML-Stream and this FM works only with XSTRING´s,
    that is one reason why I don´t understand that it displays it in the wrong way.
    Even the Debugger shows me for the XSTRING the wrong result. Does all that mean that the escaping will not be applyed if you are working with XSTING´s??

  • Escape special characters in url for redirection

    In my web page, I want all the characters of the URL to be lower case. For that I created the following method:
    private bool UrlFormatoCorrecto(string url)
    bool formatoCorrecto = true;
    bool upperCa = url.Any(c => char.IsUpper(c));
    if (url.Any(c => char.IsUpper(c)))
    formatoCorrecto = false;
    if (url.Contains(" ") || url.Contains("+"))
    formatoCorrecto = false;
    return formatoCorrecto;
    This works like a charm until a special character appears. The url that I get then will be the following:
    http://localhost/web/coches/proven%C3%A7a-aribau,-08036-barcelona,-barcelona
    So I have upper case characters. When I redirect it using the following code:
    if (!UrlFormatoCorrecto(urlActual))
    Response.RedirectPermanent(urlActual.Replace(" ", "-").Replace("+", "-").ToLower());
    I get the code again with the same URL with upper case. How can I escape the special characters so they won't bother me anytime I want to make the redirection?

    hello,
    you could escape special caracters with :
    Regex.Escape Method
    Regards
    Cédric

  • Strategies for escaping special characters.

    Hi all,
    Our app(built using Workshop) needs to have a generic way of scrubbing special
    characters that a user might enter in the UI,and which might cause our sql that
    queries the DB to become malformed. To explain further,some of our DB controls
    are not using PreparedStatements to set Strings..instead, we are constructing
    the sql as a java string like:
    String myQuery="Select * from * where TOUPPER(name) like"+param.ToUpperCase().
    and then we do:
    Statement stmt=conn.createStatement();
    stmt.executeQuery(myQuery).
    In such cases, Oracle JDBC driver does not escape any special chars in the String
    param,and fails.Other than converting all our queries to use PreparedStatements,
    is there a generic pattern/Util class(mebbe RequestUtils) or some way of using
    the Servlet Filter API to scrub out any special chars that are input by the user?
    Thanks in advance.
    Vik.

    ServletFilter is the way to go on this one. Don't think there is anything built
    into Servlet spec that handles these characters, however, there are a number of
    sample filters that do such a task. I think there is a sample in either the O'Reilly
    book on Servlets or Core Servlets.
    "Vik" <[email protected]> wrote:
    >
    Hi all,
    Our app(built using Workshop) needs to have a generic way of scrubbing
    special
    characters that a user might enter in the UI,and which might cause our
    sql that
    queries the DB to become malformed. To explain further,some of our DB
    controls
    are not using PreparedStatements to set Strings..instead, we are constructing
    the sql as a java string like:
    String myQuery="Select * from * where TOUPPER(name) like"+param.ToUpperCase().
    and then we do:
    Statement stmt=conn.createStatement();
    stmt.executeQuery(myQuery).
    In such cases, Oracle JDBC driver does not escape any special chars in
    the String
    param,and fails.Other than converting all our queries to use PreparedStatements,
    is there a generic pattern/Util class(mebbe RequestUtils) or some way
    of using
    the Servlet Filter API to scrub out any special chars that are input
    by the user?
    Thanks in advance.
    Vik.

  • Escape special characters for OData response

    Hi all,
    I'm facing a problem on HTTP response when some special characters are in my entity fields.
    For example I've got a Edm.String field which has characters like ###, ", < (two number signs ## are ok, but three invoke an error)
    When I set output format to xml via URI parameter $format=xml, I get following error:
    <message xml:lang="en">In the context of Data Services an unknown internal server error occured</message>
    Exception /IWCOR/CX_DS_INTERNAL_ERROR in class /IWCOR/CL_DS_EP_WRITER_OUTPUT method /IWCOR/IF_DS_EP_WRITER_OUTPUT~WRITE and Line 39
    If I use JSON as output format, HTTP response code is 200!!, but payload just ends on the character which cannot be interpreted:
    (ABAP)-JSON generator can handle double quotes much better than XML format:
    How can I escape these output strings, without adding chars which will appear in response payload?
    Thanks,
    Steffen

    Hi Uwe & Ron,
    thanks for your ideas, but maybe we're not talking about binary data?! This field is an example from TADIR table.
    OData entity definition for this field:
    Versid
    Edm.String
    0
    0
    20
    ABAP field definition:
    Data Type        CHAR  -  Character String
    No. Characters       20
    Decimal Places        0
    Output Length        20
    Convers. Routine    <empty>
    Uwe did you mean another debugger view?
    SE16 output for this line:
    What if I want to store and receive data with these special chars like ####, ", <, >,... in a ABAP char field (respective OData Edm.String)?
    Thanks,
    Steffen

  • Howto escape special characters if using regexp_replace & regexp_substr

    hello experts,
    following test case
    insert into querytest1 (d) values
    ('#1(170):[{"type":"FACEBOOK","count":0,"lastEdition":1382627403299},{"type":"GOOGLE","count":0,"lastEdition":1381825285002},{"type":"EMAIL","count":2,"lastEdition":1381826322925}] #2(0):  #3(5):-3141 #4(5):-3141 #5(5):21804 #6(7):3890750 #7(3):s11');
    select regexp_replace(d, REGEXP_SUBSTR (REGEXP_SUBSTR(d, '[^ ]+', 1, 1), '[^:]+', 1, 2 ),'') from querytest1;
    ERROR at line 1:
    ORA-12726: unmatched bracket in regular expression
    proof that []{} special characters are the problem:
    delete from querytest1;
    commit;
    -- insert data without special characters
    insert into querytest1 (d) values ('#1(170):"type":"FACEBOOK","count":0,"lastEdition":1382627403299,"type":"GOOGLE","count":0,"lastEdition":1381825285002,"type":"EMAIL","count":2,"lastEdition":1381826322925] #2(0):  #3(5):-3141 #4(5):-3141 #5(5):21804 #6(7):3890750 #7(3):s11');
    select regexp_replace(d, REGEXP_SUBSTR (REGEXP_SUBSTR(d, '[^ ]+', 1, 1), '[^:]+', 1, 2 ),'') from querytest1;
    REGEXP_REPLACE(D,REGEXP_SUBSTR(REGEXP_SUBSTR(D,'[^]+',1,1),'[^:]+',1,2),'')
    #1(170)::"FACEBOOK","count":0,"lastEdition":1382627403299,:"GOOGLE","count":0,"lastEdition":1381825285002,:"EMAIL","count":2,"lastEdition":1381826322925,:"EMAIL","count":2,"lastEdition":1381826322925] #2(0):  #3(5):-3141 #4(5):-3141 #5(5):21804 #6(7):3890750 #7(3):s11
    so now it works because there are no special characters []{}
    is there a way to escape them?
    thank you in advance.

    oraman wrote:
    ok you're right I explain from the beginning.
    create table t (q varchar2(4000), d varchar2(4000), result varchar2(4000));
    insert into t (q,d) values ('#1(170):[{"type":"FACEBOOK","count":0,"lastEdition":1382627403299},{"type":"GOOGLE","count":0,"lastEdition":1381825285002},{"type":"EMAIL","count":2,"lastEdition":1381826322925}] #2(0):  #3(5):-3141 #4(5):-3141 #5(5):21804 #6(7):3890750 #7(3):s11',
    'UPDATE mytable set value=:1 , valuec=:2 , longvalue=:3 , doublevalue=:4  WHERE productattrnameid=:5  AND productid=:6   AND context=:7');
    I would like to get the following:
    select result from t;
    UPDATE mytable set value='[{"type":"FACEBOOK","count":0,"lastEdition":1382627403299},{"type":"GOOGLE","count":0,"lastEdition":1381825285002},{"type":"EMAIL","count":2,"lastEdition":1381826322925}]' , valuec=NULL , longvalue=-3141 , doublevalue=-3141  WHERE productattrnameid=21804  AND productid=3890750   AND context='s11';
    the logic is to get the auditing data as ready to execute queries.
    It looks you want to include every parameter where parameter is a pattern prefixed by #p1(lenght):param_value #p2(lenght):param_value etc.
    Something like this?
    set line 1000
    col txt format a200
    with querytest1 as
    select '#1(170):[{"type":"FACEBOOK","count":0,"lastEdition":1382627403299},{"type":"GOOGLE","count":0,"lastEdition":1381825285002},{"type":"EMAIL","count":2,"lastEdition":1381826322925}] #2(0):  #3(5):-3141 #4(5):-3141 #5(5):21804 #6(7):3890750 #7(3):s11' d
      from dual
    select 'UPDATE mytable set value='''|| nvl(trim(regexp_substr (d,'#\d+\(\d+\):([^# ]+)', 1, 1, null, 1 )), 'NULL')||''''
           || chr(10) ||'     , valuec='||nvl(trim(regexp_substr (d,'#\d+\(\d+\):([^#]+)', 1, 2, null, 1 )), 'NULL')
           || chr(10) ||'     , longvalue='|| nvl(trim(regexp_substr (d,'#\d+\(\d+\):([^#]+)', 1, 3, null, 1 )),'NULL')
           || chr(10) ||'     , doublevalue='||nvl(trim(regexp_substr (d,'#\d+\(\d+\):([^#]+)', 1, 4, null, 1 )),'NULL') 
           || chr(10) ||' WHERE productattrnameid='||regexp_substr (d,'#\d+\(\d+\):([^#]+)', 1, 5, null, 1 )
           || chr(10) ||'   AND productid='||regexp_substr (d,'#\d+\(\d+\):([^#]+)', 1, 6, null, 1 )  
           || chr(10) ||'   AND context='''||regexp_substr (d,'#\d+\(\d+\):([^#]+)', 1, 7, null, 1 )||''';' txt
      from querytest1;
    Result:
    TXT                                                                                                                                                                                                    
    UPDATE mytable set value='[{"type":"FACEBOOK","count":0,"lastEdition":1382627403299},{"type":"GOOGLE","count":0,"lastEdition":1381825285002},{"type":"EMAIL","count":2,"lastEdition":1381826322925}]'  
         , valuec=NULL                                                                                                                                                                                     
         , longvalue=-3141                                                                                                                                                                                 
         , doublevalue=-3141                                                                                                                                                                               
    WHERE productattrnameid=21804                                                                                                                                                                         
       AND productid=3890750                                                                                                                                                                               
       AND context='s11';                                                                                                                                                                                  
    1 row selected.
    I have a problem formatting the output in the forum but I hope you get it.
    Regards.
    Alberto

  • Urgent!!!!! escape special characters like -,& -

    Hi
    select prt_id from pr_prt where contains(prt_id,'04801\-')>0;
    The above query returns foll
    04801
    04801-04051
    I was expecting the result to be 04801-04051.
    does any one hv any idea abt this?
    This applies to all special characters if they are part of search string.
    regards
    priya
    null

    Interesting question...
    The API says...
    Quotation
    \      Nothing, but quotes the following character
    \Q      Nothing, but quotes all characters until \E
    \E      Nothing, but ends quoting started by \QTry it... and please could you post your code when you're done... I might find it useful... and maybe I can even polish it a bit.... quid pro quo.
    Cheers. Keith.

  • Escaping special characters

    Environment:
    Client: win2k sp4, 10.2 client
    Server: 9.2 on solaris 9
    Is there any way to set an escape character?
    Many times we have '&' characters in strings in procedures, and when I try to compile them sqldeveloper prompts for a value thinking that it is a variable.
    I've tried the default '\', and 'set escape on' doesn't work either.
    Would be even better if there was an option in sqldeveloper to tell it to ignore the '&' character alltogether.
    Thanks.

    not really the answer I was looking for :(
    the devs would end up driving me nuts wondering what all the CHR stuff is in their code.
    i guess for now, i'll just keep using PLedit to compile all the procs that have any special chars.
    ...someday we'll have one tool that does everything ;)

  • Escaping special characters in SECURITY_PRINCIPAL

    I am trying to connect to AD-LDAP with
    env.put(Context.SECURITY_PRINCIPAL, "CN=cn /18,CN=Users,DC=company,DC=com");
    As you can see I have a / character in my DN. I cannot get a context using this security_principal, I am always getting javax.naming.AuthenticationException. When my DN does not contain / or any special character everything works fine. I thought I had to maybe escape / so I tried
    env.put(Context.SECURITY_PRINCIPAL, "CN=cn \\/18,CN=Users,DC=company,DC=com");
    env.put(Context.SECURITY_PRINCIPAL, "CN=cn \\\\/18,CN=Users,DC=company,DC=com");
    env.put(Context.SECURITY_PRINCIPAL, "CN=cn \\\\\\/18,CN=Users,DC=company,DC=com");
    without any success.
    Thanks in advance,
    Nikola

    That did not seem to help. By the way, I was really looking for a more generic answer since for example I have the same problem when my SECURITY_PRINCIPAL DN includes /, \, or ' characters.

  • How to escape special characters in a region title

    I have created a drill down report where the second report is filtered by a value chosen in the first report. I am using &Pn_field. syntax to pass the name of the select value to the region title of the second report. Some of the returned values have a ':' in them and therefore the text does not print after the ':'. How do I escape the ':' in the region title?
    regards
    Paul P

    Paul,
    I think your question is "How do I use f?p URL syntax to pass data values to a page where the data includes a colon?" (Please correct me if that's not the issue.) The answer is, you can't. Same with commas. HTML DB reserves those two characters for the f?p request syntax. You'll have to save the string into the item before the page branch. There is no restriction on what characters can be used in a region title, it's just HTML-formatted text, except that you must escape anything that looks like HTML unless you want the browser to treat it as HTML. There are restrictions, however, on what characters you can pass in URLs in general and you must take care to escape them properly, e.g., ?, &, whitespace.
    And do speak up if I've missed the point.
    Scott

  • Dynamic Images in PDF and Escaping Special Characters

    I used the following to create my own PDFs with dymnamic images:
    http://marcsewtz.blogspot.com/2012_02_01_archive.html (Dynamic Images in PDF - What 32k Limit? )
    I have installed this application on Oracle's free workspace to test.
    The issue I am having is that when there is a special character in the description, such as <>'"& then the the PDF will not open. I have tried using the dmbs_xmlgen.convert to convert the description but haven't had any luck.
    I'm a complete novice with xml. Any help with this is greatly appreciated.
    Thanks,
    Glen

    I have been able to find a solution, but it's not completely perfect. I have changed the "description" field as follows:
    XMLCdata(replace(description,''&'',''and'')) description,
    The characters greater than (>), less than (<), single qoute('), and double quote (") can now all be in the description and will not cause errors. For some reason, I couldn't get the & not to give an error no matter what I tried, so I just replaced the & with the word "and". This solution will work for my needs, but it would be nice to be able to get the & to display.
    Does anyone know of a way to get the & to display correctly?
    Thanks again,
    Glen
    The complete code I am using is below:
    declare
    l_print_layout clob;
    l_xml_data clob;
    begin
    -- load print layout from database
    for c1 in (
    select layout from eba_pdfimg_layouts where id = :P1_LAYOUT
    ) loop
    l_print_layout := wwv_flow_utilities.blob_to_clob(c1.layout );
    end loop;
    -- generate XML data
    for c2 in (
    select dbms_xmlgen.getxml('
    select
    id,
    file_name,
    mime_type,
    XMLCdata(replace(description,''&'',''and'')) description,
    -- description,
    blob2clobase64(image,''Y'') image
    from eba_pdfimg_images
    ') xml_data from dual
    ) loop
    l_xml_data := c2.xml_data;
    end loop;
    -- download print document
    wwv_flow.g_page_text_generated := true;
    apex_util.download_print_document (
    p_file_name => 'image_demo',
    p_content_disposition => 'ATTACHMENT',
    p_report_data => l_xml_data ,
    p_report_layout => l_print_layout,
    p_report_layout_type => 'rtf',
    p_document_format => :P1_FORMAT
    end;

  • Escaping special characters in hidden fields

    I am using a hidden field to pass values to the servlet. I am populating the hidden field from a bean. The hidden field can have any string value. My problem is that the value attribute on my hidden field is double quoted and if there is a double quote in the value of the String from my bean it messes my HTML up. Is there an easy workaround for this?
    e.g.
    <jsp:useBean id="myObject" scope="request" class="MyObject"/>
    <input type="hidden" name="myValue" value="<%=myObject.getValue()%>">
    If myObject.getValue() returns a string: 60" Mower this will mess my HTML up.
    Any suggestions?

    First off, Is the Pattern and Matcher specific to JDK 1.4.1? We are currently using 1.2.2? If this is a viable solution, is there a similar one in JDK 1.2.2?
    Also, I still don't think it's possible in HTML to escape characters that are values of attributes. Try running the following HTML code:
    <html>
    <head>
       <script language="JavaScript">
       function getHiddenValue(){
          alert(document.myForm.hiddenDescription.value);
       </script>
    </head>
    <body>
       <form name="myForm">
       <p>
          <input type="hidden" name="hiddenDescription" value="60\" Mower">
       </p>
       <p>
          <input type="button" onclick="getHiddenValue()" value="Hidden Field">
       </p>
       </form>
    </body>
    </html>

  • Escaped (special) Characters Aren't Rendering Properly

    We upgraded our development server from apex 3.0 to 3.1 recently and I notice now that escaped characters on one of my pages don't display properly. Specifically, in my "Display as Text (saves state)" item, the text <p>
    &.#.9.5.5.2.;.&.#.9.5.5.2.;. New Sheet &.#.9.5.5.2.;&.#.9.5.5.2.;. <br>
    (The item definition doesn't contain any of the periods)
    <p>
    that displays on our production (3.0) server like this <p>
    ══ New Sheet ══<p>
    displays on our development server literally like this<p>
    &.#.9.5.5.2.;.&.#.9.5.5.2.;. New Sheet ... (excluding the periods)<p>
    The item source is "pl/sql function body" and the source expression is a simple series of if statements that returns the appropriate escaped text.
    Any idea what I can do to fix this problem?

    Hi Tom,
    I researched this issue (and Scott will vet my conclusion).
    I apologize for changing the behavior of your production application. This change was made to fix a different bug (6707591) in Application Express, where entity references were not properly being escaped when rendering a page.
    Even though this change will cause a change in behavior of an existing application, I believe this change is correct and should remain. For an item type of Display as Text (saves state)", and the source value of this item is:
    &amp;#9552;&amp;#9552; New Sheet &amp;#9552;&amp;#9552;
    when someone submits the page, session state will be updated with the interpreted and non-escaped value. I.e, the session state value would now be:
    &#9552;&#9552; New Sheet &#9552;&#9552;
    This is incorrect.
    This is the way this item type "Display as Text (saves state)" should have behaved all along. If you do not wish to have the item value escaped on rendering, then, as Scott suggested, the item type "Display as Text (does not save state)" should be used.
    Thanks for pointing this out.
    Joel

  • Escaping special characters in xml

    I have an XML file that has answers to a quiz done in Flash
    and AS 1.0. One of the questions has answers in the form of ">
    1" "< 1". This particular answer is referring to less than a
    year or more than a year. The < doesn't show up at all in the
    answers screen, probably because it needs to be escaped. Is that
    possible or do I need to spell out the answer. BTW, is in French
    which I don't speak so i am opting for keeping the answers as they
    are, and work around the problem by escaping, had it been Spanish
    or English I would rewrite the answers comfortably. Any suggestions
    would be greatly appreciated. Encoding for the XML file is xml
    version="1.0" encoding="utf-8"

    &lt;
    &amp;
    &gt;
    &apos;
    &quot;

Maybe you are looking for

  • Standard report on Stock Status

    Hi, I need stock report in Inventory with the following output fields, 1.Material 2.Material Description 3.Flagged Material For deletion (Yes/No) 4.Plant 5.Storage Location 6.Division 7.Valuated Stock (Qty & Value) 8.Consignment Stock (Qty & Value) 9

  • P&L - Result of period shown in equity

    Hello By default SAP transfer the result of the period in Balance sheet+P/L account statement in 'next' period. In other words to check the balance of debet/credit you have to summarize assets, liabilities and p/l. Is it in any way possible to see th

  • TS1382 My I-Pod will not accept a charge.  The battery icon I normally see while charging is not visible on the screen.  The cord works fine to charge my I-Pad.

    My I-Pod will not accept a charge.  The battery icon I normally see while charging is not visible.  The cord works when charging my I-Pad.  Any ideas?

  • Column ID of a UDF

    Does anyone know how to reference a column id of a UDF in a formatted search? Say you have a UDF called "netprice" on the marketing document line level. You could reference this new field as 'rdr1.u_netprice' in a formatted search on a sales order no

  • Problem with RRI

    Hi All i have 8 reports 4 Overviewview and 4 Detailed they are linked using RRI as Overview A --> Detailed A Overview B --> Detailed B Overview C --> Detailed C Overview D --> Detailed D i have created another 8 reports using the save as funtionality