Class WText

Direct Known Subclasses:
IndexText, WDefaultLoadingIndicator

public class WText
extends WInteractWidget
A widget that renders (XHTML) text.

The text is provided through a WString, which may either hold a literal text, or a key to localized text which is looked up in locale dependent XML files (see WString#tr()).

Use setTextFormat() to configure the textFormat of the text. The default textFormat is TextFormat.XHTMLText, which allows XHMTL markup to be included in the text. Tags and attributes that indicate "active" content are not allowed and stripped out, to avoid security risks exposed by JavaScript such as the common web-based Cross-Site Scripting (XSS) malicious attack. XSS is the situation where one user of your web application is able to execute a script in another user's browser while your application only intended to display a message entered by the mailicious user to the other user. To defeat this attack, JWt assumes that content in a WText is intended to be passive, and not contain any scripting elements.

The TextFormat.XHTMLText format will automatically change to TextFormat.PlainText if the text is not valid XML. Properly formatted HTML, which is not valid XHTML (e.g. a <br> tag without closing tag) will thus be shown literally, since the HTML markup will be escaped. JWt does this as a safety measure, since it cannot reliably run the XSS filter without parsing the XML successfully.

The TextFormat.PlainText format will display the text literally (escaping any HTML special characters).

In some situations, TextFormat.XHTMLUnsafeText may be useful to explicitly allow scripting content. Like XHTMLText, it allows XHTML markup, but it also allows potentially dangerous tags and attributes. Use this if you're sure that a user cannot interfere with the text set, and XHTMLText is too limiting.

WText is by default inline, unless the XHTML contents starts with an element such as <div>, <h> or <p> that is displayed as a block, in which case the widget will also display as a block.

CSS

The widget corresponds to an HTML <span> tag or an HTML <div> depending on whether the widget is inline.

This widget does not provide styling, and can be styled using inline or external CSS as appropriate.

See Also:
WApplication.setLocale(Locale locale)