html.neuterMacros

Syntax html.neuterMacros (s, adrTable)

Params s is a string.

adrTable is the address of a table defining which macros should not be neutered.

Action Neuters all macros in s with the exception of those specified in the table pointed to by adrTable.

Returns The modified string.

Examples html.neuterMacros ("{clock.now ()}", @config.mainResponder.prefs.legalMacros)

   » "{clock.now ()}"

Notes Neutering a macro means replacing the enclosing curly braces with the corresponding entities, "&#123;" and "&#125;", so that the website framework's macro processor would not execute it if the text were run through the macro processor.

A possibly legal macro is an identifier optionally followed by a set of literal string parameters enclosed in parentheses. If the verb identifies a macro call in the input string, it checks the table pointed to by adrTable for an object with the same name as the identifier.

If there is no corresponding object in the table the macro is neutered.

If there is a corresponding object and it is a table, then it must contain two items: flLegal, a boolean specifying whether the identifier is legal, and flParams, a boolean specifying whether there should be parameters. If flParams is absent, it is assumed to be false.

If there is a corresponding object and it is not a table, it is coerced to a boolean. If the result is true, the macro is assumed to be legal as long as it doesn't have parameters. If the result is false, the macro is neutered.
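The lookup rules above, modelled in Python as an added example; it is not Frontier's implementation and not UserTalk code. It assumes the table is a dict keyed by the full identifier, that empty parentheses count as no parameters, that flParams true means parameters are accepted, that the entities are the numeric references for the two braces, and that stray or nested braces are escaped as well.

```python
import re

# Assumed grammar (the page gives none): a dotted identifier, optionally
# followed by parenthesized, comma-separated literal strings.
STRING = r'"[^"{}]*"'
CANDIDATE = re.compile(
    r'\s*([A-Za-z_][\w.]*)\s*(?:\(\s*((?:%s\s*(?:,\s*%s\s*)*)?)\))?\s*'
    % (STRING, STRING))
MACRO = re.compile(r"\{([^{}]*)\}")

# Constructed sample table; every name except clock.now is hypothetical.
LEGAL = {
    "clock.now": True,                                # scalar: legal, no params
    "pageTitle": {"flLegal": True},                   # flParams absent -> false
    "imageRef": {"flLegal": True, "flParams": True},  # params accepted
    "siteSecret": False,                              # scalar false: neutered
}


def escape(text):
    """Replace both braces with numeric character references."""
    return text.replace("{", "&#123;").replace("}", "&#125;")


def is_legal(body, table):
    """Apply the lookup rules from the Notes to one macro body."""
    m = CANDIDATE.fullmatch(body)
    if m is None:
        return False                       # not a "possibly legal macro"
    name, has_params = m.group(1), bool(m.group(2))  # "()" counts as no params
    if name not in table:
        return False                       # no corresponding object
    entry = table[name]
    if isinstance(entry, dict):
        if not entry.get("flLegal", False):  # assumption: missing flLegal fails closed
            return False
        return bool(entry.get("flParams", False)) or not has_params
    return bool(entry) and not has_params  # non-table entry coerced to boolean


def neuter_macros(s, table):
    """Keep the braces of legal macros; escape every other brace."""
    out, pos = [], 0
    for m in MACRO.finditer(s):
        out.append(escape(s[pos:m.start()]))
        legal = is_legal(m.group(1), table)
        out.append(m.group(0) if legal else escape(m.group(0)))
        pos = m.end()
    out.append(escape(s[pos:]))
    return "".join(out)
```

Anything the grammar does not recognise, such as a parameter that is an expression instead of a literal string, is neutered even when its identifier is in the table.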

You can use this verb to clean up any text which entered your system from the outside world to make rendering it through the website framework safer.

This verb was originally added in Frontier 6.1.

In Frontier 6.2a9, we extended this verb to recognize more complicated macros while still limiting identifiers and function names to those specified in the table pointed to by adrTable. See Extended Safe Macros in Frontier 6.2 for details.

See Also html.neuterTags

html.neuterJavaScript

mainResponder.neuterText
