..the apex plugin directory

an initiative of

Add your APEX4.0 Plugin info

Describe your Plugin’s features. You can upload the Plugin’s code and documentation, or, alternatively, submit the URLs to your Website, GitHup Repository or Blog.

You are here:
Follow us on Twitter
Dynamic Action Plugin HTML Markup for APEX Tree

HTML Markup for APEX Tree


HTML Markup in an APEX tree? YES: with this plugin


This plugin enables HTML Markup within an APEX Tree Region which normally escapes all HTML Special characters. The idea is to use replacement characters for "<", ">" and "&" in the Tree SQL query and to configure these in the plugin. The plugin fires as a dynamic action after page load and uses some jQuery logic to activate the HTML markup by changing the replacement characters back to HTML syntax.

A note about the security topic: 

The reviewer below is right - using the plugin might introduce an XSS vulberability if tree contains end-user supplied content.

The plugin is as secure or insecure as the "Standard Report Column" setting in an normal APEX report. So if you are using it make sure that all tree content is not derived from end users or that end user content has been checked beforehand.

Example APEX Tree SQL query:

select case when connect_by_isleaf = 1 then 0
when level = 1 then 1
else -1
end as status,
when sal < 2500 then '[b style="color: green"]'||"ENAME"||'[/b]§nbsp;[img xsrc="/i/Fndokay1.gif" height="12"]'
when sal < 4500 then '[b style="color: black"]'||"ENAME"||'[/b]'
else '[b style="color: red"]'||"ENAME"||'[/b]'
end as title,
null as icon,
"EMPNO" as value,
null as tooltip,
null as link
from "EMP"
start with "MGR" is null
connect by prior "EMPNO" = "MGR"
order siblings by "ENAME"

Plugin configuration:

  • Pattern for "<": [
  • Pattern for ">": ]
  • Pattern for "&": §



Version 1.0:

initial release

Version 1.1:

added plugin parameter for unbinding the mouse click and double click handlers added by the tree component. Use this if your tree links are not working together with this plugin



Resulting Tree
Resulting Tree
Company: ORACLE Germany
Date added: 23.2.2012
Views: 11539
Votes: 7
Reviews: 2
Min. APEX Version:
Share on Facebook
Digg! Share on Digg
Save This Page
Link to:
download apex plugin
If something is not correct please report it here: Report Listing
Do you have a question about this Plugin? Want to write a Review or Comment?
Login first.
Reviews / Questions / Comments are e-mailed to the author of the Plug-in.
Security Warning
by Nathan Catlow
on May 4, 2012
I hate be bearer of bad news, this plugin is highly susceptible to cross-site scripting attacks. By subverting the built-in protections of Apex you are reducing the security of the APEX tree.

You must not build the tree values with *any* values that derive from the user. We are marking this plugin as insecure in our ApexSec security scanner.

To test, set ENAME to "[script]alert('hi')[/script]"

Recx Ltd
new possibilities
by Thomas
on March 30, 2012
This plugin is very useful if you want to create editable trees. e.g. you can add links behind tree nodes to edit the tree node in a form on the linked page. You are also able to add a link behind a tree node for adding tree sub entries to the selected node. There are a lot of possibilities if you enable HTML in your APEX trees. And enabling HTML is exactly what this plugin does.
Powered by Sigsiu.NET RSS Feeds

Disclaimer: The APEX Plugins on this site are not supported by Oracle Support Services.

If you have a question about a Plugin or need support: Login and select the plugin detail page. At the bottom you can enter your Question / Review / Remark.
Your message will be sent to the author of the plugin.