Datatable fails to load fields that contain characters < or >

I’ve tried to populate a datatable by means of the load function, calling a php backend that provides a JSON response. The table is actually loaded except for the fields that contain character < or character > that are displayed empty.

I’ve tried CSV format as well and same behaviour.

Is this expected behaviour? How can I manage strings containing < or > to be displayed in a datatable?

My index.html:

  {
	id:"mylist",
	view:"datatable",
	columns:[
		{ id:"i", header:"I", width:50},
		{ id:"s", header:"S", width:250},
		{ id:"e", header:"E", width:250},
		{ id:"t", header:"T", width:200},
		{ id:"o", header:"O", width:200}
	]
  },
  
  ...
  
    function load_mylist() {
		$$("mylist").load("rest/load.php", "json", function(text, data, request) {
			console.log("text:" + text);
		});
	}

My load.php:

    <?php
    echo '[{"i":"0","s":"11.11.2015 16:23:01.267","e":"11.11.2015 16:23:24.352","t":"<tel:11234567890>","o":"<sip:12345678;phone-context=one.two.net@one.two.net;user=phone>"}]';
    exit;

you need to htmlencode your data or escape on output.
try this:

{
    id:"mylist",
    view:"datatable",
    columns:[
        { id:"i", header:"I", width:50},
        { id:"s", header:"S", width:250},
        { id:"e", header:"E", width:250},
        { id:"t", header:"T", width:200, format:webix.template.escape /*or template:"#!t#"*/},
        { id:"o", header:"O", width:200, format:webix.template.escape /*or template:"#!o#"*/}
    ]
  },

Thanks a lot! Both encoding and escaping worked fine.

Is webix.template.escape some internal method that might change without notice? I don’t see it documented under template or anywhere.

Hi @dandv ,

Thank you for the notice. We will add it to the documentation soon.
template.escape works the same as a replacement following characters via str.replace:

{
    "&": "&amp;",
    "<": "<",
    ">": ">",
    "\"": "&quot;",
    "'": "&#x27;",
    "`": "&#x60;"
}

Also, this information may be useful: https://docs.webix.com/desktop__html_templates.html#xsssafetemplates

Hi @dandv, webix.template.escape was documented and will be publicly available in the documentation with the next majour release. Sorry for the inconvenience.