HTML Filter

The HTML Filter allows you to use DWScript in a "PHP-style" way, where you can mix HTML and Pascal code in the same file. This is the primary mode for building dynamic web pages in the DWScript WebServer.

When the filter is active, the engine treats the entire file as literal text to be printed, except for code enclosed within special tags.

Syntax Tags

By default, the HTML filter uses the following tags:

Tag Description Equivalent Pascal
<?pas ... ?> Code Block: Executes the Pascal code inside. ...
<?pas= ... ?> Evaluation Tag: Evaluates an expression and prints the result. Print(...);

Code Block Example

You can use standard Pascal control flow (loops, conditionals) to generate HTML dynamically.

<ul>
<?pas
  for var i := 1 to 3 do begin
    ?>
    <li>Item Number <?pas= i ?></li>
    <?pas
  end;
?>
</ul>
Result
<ul>*
    <li>Item Number 1</li>
    
    <li>Item Number 2</li>
    
    <li>Item Number 3</li>
    
</ul>

Expression Evaluation

The <?pas= ... ?> tag is a shorthand for Print(). It is commonly used for injecting variables or the results of function calls into the HTML.

<p>The current date is: <?pas= DateToStr(Now) ?></p>
Result
<p>The current date is: *</p>

:::tip

Automatic HTML Escaping

Unlike some other languages, the HTML filter does not automatically escape output. For security and to prevent XSS, you should use the .ToHtml helper on strings: <?pas= myVar.ToHtml ?>. :::

Beyond HTML: Versatility

While commonly used for HTML, the "HTML Filter" is actually a general-purpose text preprocessor. Because it does not perform any automatic escaping, you can use it to generate CSS, JSON, XML, or plain text by simply setting the appropriate ContentType in the WebResponse.

<?pas
// Generate dynamic CSS
WebResponse.ContentType := 'text/css';
var bgColor := '#f0f0f0';
?>
body {
  background-color: <?pas= bgColor ?>;
}
Result
body {
  background-color: #f0f0f0;
}

This flexibility is why built-in HTML escaping is omitted; the filter has no way of knowing if your output target requires HTML entities, CSS escaping, or no escaping at all.

The $FILTER Directive

The {$FILTER "filename"} directive (shorthand {$F "filename"}) allows you to include an external file and process it through the current filter.

This is different from a standard include because the included file will also be treated as HTML with <?pas tags.

<div>
  <h1>Page Header</h1>
  {$FILTER "sidebar.html"}
</div>

If sidebar.html contains:

<aside>
  User: <?pas= WebRequest.QueryField['user'] ?>
</aside>

It will be correctly processed before being injected into the main page.

Configuration

In a custom host application, the HTML filter is provided by the TdwsHtmlFilter component. You can customize the tags if needed:

  • PatternOpen: Default is <?pas.
  • PatternClose: Default is ?>.
  • PatternEval: Default is =.

Handling Special Characters

The filter is designed to handle special characters like quotes and newlines gracefully. When it processes text outside of tags, it automatically wraps it in Print() calls, escaping any single quotes found in the text so they don't break the Pascal string literals.

Example of filtered output transformation: It's a "beautiful" day -> Print('It''s a "beautiful" day');

← Data Encodings File Handles →
On this page