+ Start a Discussion
vbelawa1vbelawa1 

Visualforce displaying tags and not the real HTML page

I am passing a list to a HTML table in a VF controller. 

actionResults = actionResults + '<li>' + sbiA.Name + '</li>';

res.actions = actionResults;

in the VF page 

 

<td>Actions:</td><td>{!res.actions}</td>

 

There is other code too but I am not posting all the code. 

So the problem is that when I view the page I see tags in the OP. 

Like this

<li>Test Action 2</li><li>Test Action</li>

I want it to be displayed like below.. 

 

  • Test Action 2
  • Test Action

 

Best Answer chosen by Admin (Salesforce Developers) 
aballardaballard

If you want to return markup from a controller method you will need to include it using <apex:outputText> with the escape=false attribute.

 

If you do this be aware it is up to you to ensure you have not created a cross-site scripting security vulnerability in your page. 

 

 It would be better to put the markup in the page and only the data in the controller method. 

All Answers

aballardaballard

If you want to return markup from a controller method you will need to include it using <apex:outputText> with the escape=false attribute.

 

If you do this be aware it is up to you to ensure you have not created a cross-site scripting security vulnerability in your page. 

 

 It would be better to put the markup in the page and only the data in the controller method. 

This was selected as the best answer
Andy BoettcherAndy Boettcher

100% agreed with aballard - as a general rule, you don't want HTML code coming through from your Controller.  If that's how it is though (description field, etc) he is correct.  The <apex:outputText value="{!whatever}" escape="false" /> is your answer.

 

-Andy