Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Java escape HTML

currently I use org.apache.commons.lang.StringEscapeUtils escapeHtml() to escape unwanted HTML tags in my Strings but then I realized it escapes characters with accents to &something;, too, which I don't want.

Do you know any solution for escaping HTML tags but leave my special (well, for some people, they are normal here ;]) letters as they are?

Thanks in advance!

balázs

like image 1000
Balázs Németh Avatar asked Feb 02 '11 12:02

Balázs Németh


People also ask

What is HTML escape in Java?

escapeHtml4() [Apache Commons Text] This method takes the raw string as parameter and then escapes the characters using HTML entities. It supports all known HTML 4.0 entities.

How do I escape HTML output?

Basic HTML escaping The first thing to do is to filter your input. Names will never need to contain HTML tags, so just use the default FILTER_SANITIZE_STRING filter, and it'll remove HTML and PHP tags. The second thing to do is to escape your output using the htmlspecialchars() function.


1 Answers

StringUtils.replaceEach(str, new String[]{"&", "\"", "<", ">"}, new String[]{"&amp;", "&quot;", "&lt;", "&gt;"}) 
like image 106
pingw33n Avatar answered Sep 23 '22 04:09

pingw33n