Review or change the following :
Name: The Field Type name to display in all Form Creation dialogs.
Description: A short description of the new field type.
Data Type: Controls how CommonSpot processes custom field type data for rendering and editing. You can adjust this setting for each of your custom field types to control display on output. See Text Handling in CommonSpot for more information.
These options affect how HTML data is handled.
The following native HTML characters must be escaped - that is, converted to their HTML equivalents - in content being edited to prevent interference with form processing. For example, without escaping double quotes entered in a text input control, the browser interprets the first one as the end of the field's value attribute, cutting off everything entered after that or dumping content outside the text field.
- ampersands &
- double quotes " "
- open tag delimiters <
- close tag delimiters >
Escaping also allows the correct rendering of content that includes HTML-like data. For example, without escaping, browsers suppress <characters> contained within tag delimiters as unknown HTML.
CommonSpot gives you the following options for handling HTML data in custom fields:
- HTML: Default. Escapes HTML for editing only, and not for rendering. HTML code input displays as expected on output. The characters listed above can be entered without interfering with form input processing.
- HTML Plus: Escapes HTML for editing, and includes enhanced whitespace handling for rendering. This option allows standard edit controls to work normally and shows live HTML on a page, but also automatically translates some conventions common outside the HTML world into HTML equivalents:
Newlines are converted to HTML<br> tags, so text moves to the next line, as it would in plain text.
Multiple spaces are converted to alternating non-breaking-space/space pairs, so they create additional space.
These behaviors are unlike plain HTML, where any amount of consecutive whitespace, including newlines, collapses down to the visual equivalent of one space. Page authors may find this more intuitive than having to type <br /> tags or to achieve these common effects. This is similar to the way Simple Text Block elements are handled.
- Text: Escapes HTML for rendering and editing. This is appropriate for data that will never have any live HTML in it, such as links or formatting. HTML tags or entities will appear as literal code, rather than actual bold text, for example.
- Unprocessed: No processing for rendering or editing. This leaves all data handling up to developers. If your render module uses standard HTML edit controls, you probably need to use ColdFusion's HTMLEditFormat function, or Server.CommonSpot.api.escapeHTML, to avoid the problems mentioned above. Without similar escaping in your custom element render handler, any HTML entered by contributors will be live on the page, leaving you vulnerable to defective or inappropriate usage. On the other hand, the unprocessed data type gives you complete control over your data, so it may be appropriate in cases where you're sending it to another system, or handling it outside an HTML context.