function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Jonathan Thornton 4Jonathan Thornton 4 

Display tags from Controller using JSINHTMLENCODE (or similar)

Hello,

I have a user input field on my Salesforce Community where if a user types someone's name with @NAME it will send the user an email essentially. The controller replaces the "@NAME" with a link to that user's profile page. So what we have is basically a mixture of user input and replaced user input from the controller with html tags in the OutputText. I also have the output replacing the carraige returns with <br/> tags.
  
<apex:outputText value="{!SUBSTITUTE(JSINHTMLENCODE(fi.body), '\r\n', '<br/>')}" escape="false"/>

The problem is the link which comes from the controller gets escaped. A user input of: 

@NAME

123

456

Ends up looking like this:
<a href="www.google.com">@NAME</a>

123

456

I cannot figure out how to display the link properly while still escaping the potentially malicious characters... Any assistance is greatly appreciated!

Here's the relevant controller code for reference if it helps: 
if(feeditems != null && feeditems.size() > 0){
			
			for(FeedItem fi : feeditems){
				for(string screenName : screenNames){
					if(fi.body.contains(screenName) && screenNameUserMap.containsKey(screenName)){
						fi.body = fi.body.replace(screenName, '<a href="/FCIProfile?uId=' + screenNameUserMap.get(screenName) + '">' + screenName +'</a>');
					}
				}
			}
		}

Thank you!!
Jonathan