I need to escape some text before displaying the contents on the webpage, and this in fact is being done correctly. However when I display the String in html, the escape characters will still be displayed. The following is such an example:
hello there my ni&%ame is + - && !
and the respective string with escaping is the following:
hello there my ni&%ame is + - && !
I’ve read somewhere that the core in taglib will only escape the basic ones such as >, < , “, \t and space. however none of these escape sequences are removed from the html code. Does any of you know how to be able to solve this problem please? thanks
the following is part of the code used to convert a specific character to its escape character:
while (character != CharacterIterator.DONE ){
if (character == '<') {
result.append("<");
}
else if (character == '>') {
result.append(">");
}
else if (character == '&') {
result.append("&");
} .....
return result;
}
the escaping part is done and works perfectly.. the problem occurs when i try to display the string with escaped characters onto an html page
Remove this. You don’t need it. The JSTL
<c:out>already does this job.Your HTML string is otherwise escaped twice. Each
&becomes an&again and so on.If you really need to take the escaping in own hands (why?) then just don’t use
<c:out>at all:or turn off its escaping by
escapeXml="false":