currently I use org.apache.commons.lang.StringEscapeUtils escapeHtml()
to escape unwanted HTML tags in my Strings but then I realized it escapes characters with accents to &something;,
too, which I don't want.
Do you know any solution for escaping HTML tags but leave my special (well, for some people, they are normal here ;]) letters as they are?
Thanks in advance!
balázs
escapeHtml4() [Apache Commons Text] This method takes the raw string as parameter and then escapes the characters using HTML entities. It supports all known HTML 4.0 entities.
Basic HTML escaping The first thing to do is to filter your input. Names will never need to contain HTML tags, so just use the default FILTER_SANITIZE_STRING filter, and it'll remove HTML and PHP tags. The second thing to do is to escape your output using the htmlspecialchars() function.
StringUtils.replaceEach(str, new String[]{"&", "\"", "<", ">"}, new String[]{"&", """, "<", ">"})
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With