I'm using RazorEngine v3.3 to create emails using template files (emails are sent using SendGrid Web API). I implemented a base template so I can use my own html helpers by overriding the WriteTo() method as shown here
.
My problem is that my emails are part Html and part Text. For the Html templates, I use razor's default implementation that html-encodes the #Model values. This is because some of the data comes from user input.
However, I can't use the same implementation for the text part as Html will not be interpreted when being read.
So the way I see it I have 3 options:
use #Raw(Model) in all my text based templates to ignore Html encoding
create an other base template for my text templates which doesn't encode to Html
modify my Html base template so the WriteTo() method doesn't encode anything
The 1st solution seems the safest, but I have about 50 text based templates to go through, and it reduces readability.
The 2nd solution seems the cleanest to me, however this would prevent the use of cache, as I would be constantly doing Razor.SetTemplateService() to reassign the right base template ?
What would you recommend doing ? Thanks
Related
I am writing a Flutter web application that needs to have a customizable template for printing reports: inside the template there will be some placeholders that must be replaced with data at the moment of printing. The "printing" itself will be done by having the user download and open a PDF file, then print it through the browser, the OS or anything else, but that's beyond the scope, at the moment.
The default template would be something like this, where <BUYER_DATA> and <TRANSACTION_DATA> will be replaced with the data of the transaction the user is printing, along with some other "technical" tags (i.e., the page number and the pages count):
Header with site name
727 Chester Rd New Trafford, Stretford
Manchester
<BUYER_DATA>
01-12-2022 14:40
<TRANSACTION_DATA>
AppName - TM 2022
Page <PAGE_NO> of <PAGES_COUNT>
The user is allowed to edit this template in any aspect (boldness, size, colors, etc), provided that the tags related to the data are not removed from it.
So, to achieve this, I added a WYSIWYG html editor inside a page in order to save the template as an HTML-formatted string. And this works fine: only then I realized that the well-known flutter printing library doesn't support conversion from HTML directly to PDF on web, and all my plans began to crumble.
I then tried to discover if there's some other way to achieve the same by replacing the HTML template with something else, like markdown, but it seems that there's nothing that could help me.
The question is: anybody knows of a package capable of converting from HTML, markdown or such, directly into PDF?
I just need to know so I can stop googling around and decide to write my own parser for the HTML and convert it into a series of Widgets of the before-mentioned printing package.
I am working on a prototype using iText7 for C#. The PDF I am using is an XFAForm PDF and was created in Adobe Live Cycle Designer. From my research, XFAForms do not support annotations. I was going to add an annotation to the field with a link.
I want to be able to edit the value in a field to include a URL. For example,
Name : Marc
should be:
Name : Marc https://www.google.com
I am able to modify the value in this field, but no luck adding a URL that is clickable. I have tried the following:
element.Add(new XAttribute("href", injectedURL)); element is an XElement
Injecting HTML as the new value with a link
I was thinking about reading the XML, parsing it and injecting the URL in the XML and then writing it back to the PDF, but I do not feel that is a good solution.
Has anyone been able to do this?
We have various people updating our AEM website however when they copy and paste from word or from online it retains the HTML. I'm wondering if AEM has any built-in way of sanitizing the input so I don't need to build one.
If you are using Rich Text Editor field in the dialog then the text will be parsed and some tags will be stripped. Take a look here for more information about how to configure it and how it works.
We had a rich text edit component with same issue wherein authors were able to place HTML styling onto RTE and the placed styles were colliding with application styles and was breaking components. Fix was, we stripped out all HTML styling using jsoup API before rendering back on screen.
The usual approach in AEM is to protect the user on output (i.e. take the input as-is and use the built-in XSS API when rendering that input).
https://docs.adobe.com/docs/en/cq/5-6-1/deploying/security_checklist.html#Protect%20against%20Cross-Site%20Scripting%20%28XSS%29
https://docs.adobe.com/content/docs/en/cq/5-6-1/developing/securitychecklist/_jcr_content/par/download/file.res/xss_cheat_sheet.pdf
I'm developing a CMS, and I'm trying to figure out which rich text editor (if any) I want to use.
The content is stored in a structured form on the server. Let's call it the "canonical form". It is not a simple HTML or markdown page, but a multi-part structure where each part is stored as individual records in the database.
The server reads the canonical form and sends it to the client. The client transforms the canonical form into HTML. I now want to let the user edit the content, and save it back to the server in canonical form.
I'm not sure a rich text editor will do the trick. It seems most RTE's give you HTML, leaving it up to you to parse the HTML and save it. The problem is that the conversion of canonical to HTML is one-way. The canonical form is different enough from HTML that the transformation can't be readily reversed.
So I need some kind of intimate interaction with the editor. I need to track all the things the editor does (select, copy, paste, drag-n-drop, splitting blocks, merging blocks, etc.) as the editor is doing it, so that I can maintain the canonical form in parallel with the displayed HTML.
Is there anything out there that will do this? I'm looking at TinyMCE, CKEditor, etc.
It sounds like you're probably going to need logic that converts content into canonical form on an editor get operation, and the inverse on an editor set operation.
Textbox.io supports the idea of filters for content. You could possibly tie this in with something like Markdown-js to get your canonical format.
I am developing a web app that sends out emails. Currently, all emails have a HTML part.
Questions:
Is it important to include a text part also?
Do you include both?
Is just removing all the tags from the HTML message and adding a few line breaks good enough to create a text part from the HTML part?
Thanks, Kevin
Is it Important to include a text part also? It's a best practice to provide a plain text version of the email. However, in my opinion and in this day and age, I would guess that it is not such a big deal to leave it out. However, if you know more about your recipients' email clients (eg: if you're sending the emails in a corporate environment and everyone uses a particular email client), then you can determine how necessary it really is.
Do you include both? The .net framework (which I use) provides an AlternateView class (MSDN) that allows you to easily specify copies of an email in different formats. It makes things very easy to include a plain text version of the email. Perhaps you can find something similar in apache/php.
Is just removing all the tags from the HTML message and adding a few line breaks good enough to create a text part from the HTML part? Technically, yes but be VERY CAREFUL here. A complex HTML layout that has been converted to plain text will look absolutely terrible if all you do is remove HTML tags and pile the content together. It really depends on your content and how much you can do to manipulate said content. Also, take a look at Campaign Monitor'ssuggestions for formatting plain text emails.
One final word of advice for you HTML emails to test, test, and then test some more. When you're finished testing, test again. HTML emails will render differently in different email clients and, if some of your recipients are using Microsoft Word 2007/2010 then you can forget about web standards. I urge you to take a look at Campaign Monitor's Guide to CSS support in email.