+ Start a Discussion
infowelders_nsinfowelders_ns 

HTML constructed in Apex Class is being safe-encoded!

I am trying to use an Apex Class to dynanamically construct HTML in my company's web page.  The example below makes a good simplified example:

 

 

Apex Class:

public with sharing class web_controller_test {

 

  public String myString = '<a href="http://www.google.com/">Google</a>';

 

public String getNavString() {

return myString;
}

}

 

Force.com Page:

 

<apex:page controller="web_controller_test" standardStyleSheets="false" sidebar="false" showHeader="false" title="Test Page">

<apex:outputPanel id="subnav">
<apex:repeat value="{!NavString}" var="navstring">
{!navstring}
</apex:repeat>
</apex:outputPanel>

</apex:page>

 

The Apex Class has one function that is supposed to return a link to Google.  The SF Sites page calls that function, and the link is supposed to be brought into page code.

 

Except it doesn't.  Instead of returning HTML, it returns the incorrect safe-encoded version:

 

 

Output - What the code spits out:

<body>
&lt;a href="http://www.google.com/"&gt;Google&lt;/a&gt;
</body>

 

 

This is what it's supposed to look like:

 

 

What it should REALLY look like:

<body>
<a href="http://www.google.com/">Google</a>
</body>

 

Does anyone know how to display the actual string, and not the escaped version?

 

~ Nick

Best Answer chosen by Admin (Salesforce Developers) 
GoodGrooveGoodGroove

Use an outputText component and set escape attribute to false

<apex:outputText escape="false" value="{!NavString}"/>