In this APEX Instant Tip episode, Hayden introduces the !RAW notation for substitution strings, and discusses a use case for when it could be appropriate (end users needing to use HTML to format text).
Insum’s own APEX security guru Anton Nielsen addresses the risks this poses, and provides a strategy to safeguard against XSS and other dangers using the recently added apex_escape.html_allowlist.
Also, the solution to last week’s puzzler is revealed!
View Past Episodes
Full episode list on YouTube here.
Past Episodes
APEX Instant Tips #147: Why are Ajax Callback processes so hard to use?
Ajax callbacks are hard to use: Learn the javascript and be careful about syntax. Marwa and...
Read more
APEX #146: APEX Instant Tips #146: Extending Faceted Search
Hosts Anton and Marwa talk about how to make a page item look and behave like...
Read more
APEX Instant Tips #145: How to know if the data in your Interactive Grid row changed
:APEX$ROW_STATUS is a pseudo column that can be used in PL/SQL, just like any other interactive...
Read more
APEX Instant Tips #144: When to_date
To_date, To_number, and To_timestamp stem from how APEX stores and treats Session State. Anton and Marwa...
Read more
APEX Instant Tips #143: Javascript and css from pl/sql
In this episode, Marwa and Special guest Eglé describe how to add javascript code and CSS...
Read more
APEX Instant Tips #142: LOV additional columns
Michelle sits in for Anton this week as Marwa shows you how to leverage additional columns...
Read more
APEX Instant Tips #141: The APEX qAsk application
The APEX qAsk application can be used for live surveys. Anton and Marwa demonstrate and point...
Read more
APEX Instant Tip #140: A tip for when merging working copies
When merging a copy back into an APEX app, make sure to unclick anything that says...
Read more