I'm using Thymeleaf template engine with spring and I'd like to display text stored throught a multiline textarea. In my database multiline string are store with "\n" like this : "Test1\nTest2\n...." With th:text i've got : "Test1 Test2" with no line break. How I can display line break using Thymeleaf and avoid manually "\n" replacing with and then avoid using th:utext (this open form to xss injection) ? Thanks !

Two of your options: <ol> <li>Use th:utext - easy setup option, but harder to read and remember</li> <li>Create a custom processor and dialect - more involved setup, but easier, more readable future use.</li> </ol> Option 1: You can use th:utext if you escape the text using the expression utility method <code>#strings.escapeXml( text )</code> to prevent XSS injection and unwanted formatting - http://www.thymeleaf.org/doc/tutorials/2.1/usingthymeleaf.html#strings To make this platform independent, you can use <code>T(java.lang.System).getProperty('line.separator')</code> to grab the line separator. Using the existing Thymeleaf expression utilities, this works: <pre class="prettyprint"><code> </code></pre> Option 2: The API for this is now different in 3 (I wrote this tutorial for 2.1) Hopefully you can combine the below logic with their official tutorial. One day maybe I'll have a minute to update this completely. But for now: Here's the official Thymeleaf tutorial for creating your own dialect. Once setup is complete, all you will need to do to accomplish escaped textline output with preserved line breaks: <pre class="prettyprint"><code> </code></pre> The main piece doing the work is the processor. The following code will do the trick: <pre class="prettyprint"><code>package com.foo.bar.thymeleaf.processors import java.util.Collections; import java.util.List; import org.thymeleaf.Arguments; import org.thymeleaf.Configuration; import org.thymeleaf.dom.Element; import org.thymeleaf.dom.Node; import org.thymeleaf.dom.Text; import org.thymeleaf.processor.attr.AbstractChildrenModifierAttrProcessor; import org.thymeleaf.standard.expression.IStandardExpression; import org.thymeleaf.standard.expression.IStandardExpressionParser; import org.thymeleaf.standard.expression.StandardExpressions; import org.unbescape.html.HtmlEscape; public class HtmlEscapedWithLineSeparatorsProcessor extends AbstractChildrenModifierAttrProcessor{ public HtmlEscapedWithLineSeparatorsProcessor(){ //only executes this processor for the attribute 'lstext' super("lstext"); } protected String getText( final Arguments arguments, final Element element, final String attributeName) { final Configuration configuration = arguments.getConfiguration(); final IStandardExpressionParser parser = StandardExpressions.getExpressionParser(configuration); final String attributeValue = element.getAttributeValue(attributeName); final IStandardExpression expression = parser.parseExpression(configuration, arguments, attributeValue); final String value = (String) expression.execute(configuration, arguments); //return the escaped text with the line separator replaced with return HtmlEscape.escapeHtml4Xml( value ).replace( System.getProperty("line.separator"), " " ); } @Override protected final List<Node> getModifiedChildren( final Arguments arguments, final Element element, final String attributeName) { final String text = getText(arguments, element, attributeName); //Create new text node signifying that content is already escaped. final Text newNode = new Text(text == null? "" : text, null, null, true); // Setting this allows avoiding text inliners processing already generated text, // which in turn avoids code injection. newNode.setProcessable( false ); return Collections.singletonList((Node)newNode); } @Override public int getPrecedence() { // A value of 10000 is higher than any attribute in the SpringStandard dialect. So this attribute will execute after all other attributes from that dialect, if in the same tag. return 11400; } } </code></pre> Now that you have the processor, you need a custom dialect to add the processor to. <pre class="prettyprint"><code>package com.foo.bar.thymeleaf.dialects; import java.util.HashSet; import java.util.Set; import org.thymeleaf.dialect.AbstractDialect; import org.thymeleaf.processor.IProcessor; import com.foo.bar.thymeleaf.processors.HtmlEscapedWithLineSeparatorsProcessor; public class FooDialect extends AbstractDialect{ public FooDialect(){ super(); } //This is what all the dialect's attributes/tags will start with. So like.. fd:lstext="Hi David! This is so much easier..." public String getPrefix(){ return "fd"; } //The processors. @Override public Set<IProcessor> getProcessors(){ final Set<IProcessor> processors = new HashSet<IProcessor>(); processors.add( new HtmlEscapedWithLineSeparatorsProcessor() ); return processors; } } </code></pre> Now you need to add it to your xml or java configuration: If you are writing a Spring MVC application, you just have to set it at the additionalDialects property of the Template Engine bean, so that it is added to the default SpringStandard dialect: <pre class="prettyprint"><code> <bean id="templateEngine" class="org.thymeleaf.spring3.SpringTemplateEngine"> <property name="templateResolver" ref="templateResolver" /> <property name="additionalDialects"> <set> <bean class="com.foo.bar.thymeleaf.dialects.FooDialect"/> </set> </property> </bean> </code></pre> Or if you are using Spring and would rather use JavaConfig you can create a class annotated with @Configuration in your base package that contains the dialect as a managed bean: <pre class="prettyprint"><code>package com.foo.bar; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import com.foo.bar.thymeleaf.dialects.FooDialect; @Configuration public class TemplatingConfig { @Bean public FooDialect fooDialect(){ return new FooDialect(); } } </code></pre> Here are some further references on creating custom processors and dialects: http://www.thymeleaf.org/doc/articles/sayhelloextendingthymeleaf5minutes.html , http://www.thymeleaf.org/doc/articles/sayhelloagainextendingthymeleafevenmore5minutes.html and http://www.thymeleaf.org/doc/tutorials/2.1/extendingthymeleaf.html

Thymeleaf + Spring : How to keep line break?

I'm using Thymeleaf template engine with spring and I'd like to display text stored throught a multiline textarea.

In my database multiline string are store with "\n" like this : "Test1\nTest2\n...."

With th:text i've got : "Test1 Test2" with no line break.

How I can display line break using Thymeleaf and avoid manually "\n" replacing with and then avoid using th:utext (this open form to xss injection) ?

Thanks !

How do you use the line break in Thymeleaf?

Thanks Linebreak are correctly displayed BUT when user type escaped character like " or ' it show \" or \' (with backslash).

Is Thymeleaf fully integrated with Spring?

It provides full integration with Spring Framework. It applies a set of transformations to template files in order to display data or text produced by the application. It is appropriate for serving XHTML/HTML5 in web applications. The goal of Thymeleaf is to provide a stylish and well-formed way of creating templates.

Is Thymeleaf still popular?

While Thymeleaf is more of a template engine for server-side application development. But Thymeleaf's popularity is on a steady rise. The developer community is slowly moving away from 'once a common' MVC framework for Javascript-based development.

Two of your options:

Use th:utext - easy setup option, but harder to read and remember
Create a custom processor and dialect - more involved setup, but easier, more readable future use.

Option 1:

You can use th:utext if you escape the text using the expression utility method #strings.escapeXml( text ) to prevent XSS injection and unwanted formatting - http://www.thymeleaf.org/doc/tutorials/2.1/usingthymeleaf.html#strings

To make this platform independent, you can use T(java.lang.System).getProperty('line.separator') to grab the line separator.

Using the existing Thymeleaf expression utilities, this works:

<p th:utext="${#strings.replace( #strings.escapeXml( text ),T(java.lang.System).getProperty('line.separator'),'&lt;br /&gt;')}" ></p>

Option 2:

The API for this is now different in 3 (I wrote this tutorial for 2.1) Hopefully you can combine the below logic with their official tutorial. One day maybe I'll have a minute to update this completely. But for now: Here's the official Thymeleaf tutorial for creating your own dialect.

Once setup is complete, all you will need to do to accomplish escaped textline output with preserved line breaks:

<p fd:lstext="${ text }"></p>

The main piece doing the work is the processor. The following code will do the trick:

package com.foo.bar.thymeleaf.processors   import java.util.Collections; import java.util.List;  import org.thymeleaf.Arguments; import org.thymeleaf.Configuration; import org.thymeleaf.dom.Element; import org.thymeleaf.dom.Node; import org.thymeleaf.dom.Text; import org.thymeleaf.processor.attr.AbstractChildrenModifierAttrProcessor; import org.thymeleaf.standard.expression.IStandardExpression; import org.thymeleaf.standard.expression.IStandardExpressionParser; import org.thymeleaf.standard.expression.StandardExpressions; import org.unbescape.html.HtmlEscape;  public class HtmlEscapedWithLineSeparatorsProcessor extends         AbstractChildrenModifierAttrProcessor{      public HtmlEscapedWithLineSeparatorsProcessor(){         //only executes this processor for the attribute 'lstext'         super("lstext");     }      protected String getText( final Arguments arguments, final Element element,             final String attributeName) {          final Configuration configuration = arguments.getConfiguration();          final IStandardExpressionParser parser =             StandardExpressions.getExpressionParser(configuration);          final String attributeValue = element.getAttributeValue(attributeName);          final IStandardExpression expression =             parser.parseExpression(configuration, arguments, attributeValue);          final String value = (String) expression.execute(configuration, arguments);          //return the escaped text with the line separator replaced with <br />         return HtmlEscape.escapeHtml4Xml( value ).replace( System.getProperty("line.separator"), "<br />" );       }        @Override     protected final List<Node> getModifiedChildren(             final Arguments arguments, final Element element, final String attributeName) {          final String text = getText(arguments, element, attributeName);         //Create new text node signifying that content is already escaped.         final Text newNode = new Text(text == null? "" : text, null, null, true);         // Setting this allows avoiding text inliners processing already generated text,         // which in turn avoids code injection.         newNode.setProcessable( false );          return Collections.singletonList((Node)newNode);       }      @Override     public int getPrecedence() {         // A value of 10000 is higher than any attribute in the SpringStandard dialect. So this attribute will execute after all other attributes from that dialect, if in the same tag.         return 11400;     }   }

Now that you have the processor, you need a custom dialect to add the processor to.

package com.foo.bar.thymeleaf.dialects;  import java.util.HashSet; import java.util.Set;  import org.thymeleaf.dialect.AbstractDialect; import org.thymeleaf.processor.IProcessor;  import com.foo.bar.thymeleaf.processors.HtmlEscapedWithLineSeparatorsProcessor;  public class FooDialect extends AbstractDialect{      public FooDialect(){         super();     }      //This is what all the dialect's attributes/tags will start with. So like.. fd:lstext="Hi David!<br />This is so much easier..."     public String getPrefix(){         return "fd";     }      //The processors.     @Override     public Set<IProcessor> getProcessors(){         final Set<IProcessor> processors = new HashSet<IProcessor>();         processors.add( new HtmlEscapedWithLineSeparatorsProcessor() );         return processors;     }  }

Now you need to add it to your xml or java configuration:

If you are writing a Spring MVC application, you just have to set it at the additionalDialects property of the Template Engine bean, so that it is added to the default SpringStandard dialect:

    <bean id="templateEngine" class="org.thymeleaf.spring3.SpringTemplateEngine">   <property name="templateResolver" ref="templateResolver" />   <property name="additionalDialects">     <set>       <bean class="com.foo.bar.thymeleaf.dialects.FooDialect"/>     </set>   </property>     </bean>

Or if you are using Spring and would rather use JavaConfig you can create a class annotated with @Configuration in your base package that contains the dialect as a managed bean:

package com.foo.bar;  import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration;  import com.foo.bar.thymeleaf.dialects.FooDialect;  @Configuration public class TemplatingConfig {      @Bean     public FooDialect fooDialect(){         return new FooDialect();     } }

Here are some further references on creating custom processors and dialects: http://www.thymeleaf.org/doc/articles/sayhelloextendingthymeleaf5minutes.html , http://www.thymeleaf.org/doc/articles/sayhelloagainextendingthymeleafevenmore5minutes.html and http://www.thymeleaf.org/doc/tutorials/2.1/extendingthymeleaf.html

Thymeleaf + Spring : How to keep line break?

Tags:

spring

thymeleaf

spring-el

Daividh

People also ask

Video Answer

1 Answers

David Roberts

Recent Activity

Donate For Us

Thymeleaf + Spring : How to keep line break?

Tags:

spring

thymeleaf

spring-el

Daividh

People also ask

Video Answer

1 Answers

David Roberts

Related questions

Recent Activity

Donate For Us