special characters in jstl

Hi
In my application user enters text consisting of & < etc. Problem is when displaying the output , these characters are translated to & <
I am using escapeXml="false" but that does not help
This is my code
<c:forEach var="user" items="${collNotes}">
<c

ut value="${user.Text}" escapeXml="false"/>
</c:forEach>

Any idea why it does not work ?

Vinay

By using escapeXML="false" you are telling the tag not to escape the characters. You want escapeXmL="true".
[ July 14, 2008: Message edited by: Bear Bibeault ]

escapeXml="true" is the default value. To prevent transformation we set this to false. Thats what the doc says.
Even escapeXml="true" does not work

Originally posted by Vinay Singh:
...does not work

This is not a useful explanation of what's happening. What's not working? How is it not working? What are you seeing? What is it that you are expecting?

There is a text field in which user enters the data. He enters data
Today & tomorrow > 10
The output should be displayed as it is. In database it is stored the way it has been entered.
But the displayed out put is
Today '&' tomorrow '>' 10

The way this data is displayed in jsp is

<c:forEach var="user" items="${collNotes}">
<c

ut value="${user.Text}" escapeXml="false"/>
</c:forEach>

where collNotes is the collection of notes.
Text is the field in which the data was entered.
This data should be displayed as
Today & tomorrow > 10
with escapeXml="false" . But this does not happen.

How to solve this ?

Vinay

------
[ July 14, 2008: Message edited by: Vinay Singh ]

Originally posted by Vinay Singh:
There is a text field in which user enters the data. He enters data
Today & tomorrow > 10
The output should be displayed as it is. In database it is stored the way it has been entered.
But the displayed out put is
Today & tomorrow > 10

They look the same to me. What's the issue?

I am sorry. They look same because java ranch site translates & and > into correct characters.
In my application & is not translated to &. It is translated to & a m p ; (I have put spaces else site will again show it as &)

Vinay

Ah, I see you are not very familiar with HTML entities and how they work. If you want to make the text & show up in JavaRanch (or anywhere else in HTML for that matter) code it as:

&amp;

Now in your page, if the & is showing up on your site as & it doesn't mean that the character is not getting escaped, rather it means that it is getting escaped twice.

Use escapeXML="false" (to turn off any escaping) and look at the HTML that is being returned to the page (not what the browser is displaying). Are the characters already converted to HTML entities?

Yes they have been converted to html entities. When I do the view source , the text is
Today & tomorrow > 10

Originally posted by Vinay Singh:
Yes they have been converted to html entities. When I do the view source , the text is
Today & tomorrow > 10

Have they or haven't they? You say they have, But you show that they haven't. (I showed you in my previous reply how to deal with making your posts show what you want. Wherever you don't want the & to be considered an HTML entity and to just display as & use &)
[ July 14, 2008: Message edited by: Bear Bibeault ]

Originally posted by Bear Bibeault:

Have they or haven't they? You say they have, But you show that they haven't. (I showed you in my previous reply how to deal with making your posts show what you want. Wherever you don't want the & to be considered an HTML entity and to just display as & use &)

[ July 14, 2008: Message edited by: Bear Bibeault ]

When I view source I can see them converted. But this is on viewing source. If I view in browser then they appear as &
So should I save the user entered data & as & ?

Vinay

Hey bear I think I know why they are escaping twice. (thanks for explaining that)
When I save the data there is space next to &
And because of this it escapes twice.
If there are no spaces then it appears as & else &

But we cannot user from typing in without spaces. So how to handle this situation ?

What appears on the browser is immaterial for the moment. Let's just concentrate on what's in the HTML source. Get that right, and the display will be correct.

Your tactic should be to never (ever ever ever, and did I say ever) convert these characters to HTML entities anywhere in your code. Just store what the user entered exactly as it was entered. Then pass this string through <c

ut>on the JSP and let it take care of the escaping. Otherwise, you start getting into this issue of who converted where and worrying about double (or more conversions).

If your text is being converted before getting to the JSP, you need to find out where and kill it.
[ July 14, 2008: Message edited by: Bear Bibeault ]

P.S. We've been using the word "escaping", but really we should be saying "encoding".
[ July 14, 2008: Message edited by: Bear Bibeault ]

Hi Bear.
I went through each line of code to understand what the problem could be.
I found something strange
The code in jsp was within <tbody> and header was inside <thead>

<thead>
some static text.....
</thead>

<tbody>
<c:forEach var="user" items="${collNotes}">
<c

ut value="${user.Text}" escapeXml="false"/>
</c:forEach>
</tbody>

These are xhtml tags. These tags should not be used because of bad browser support
http://www.w3schools.com/TAGS/tag_tbody.asp

Now even if I do not use escapeXML="false", the jstl handles special characters && without any issues.

Thanks for the wonderful discussion and I learned something new about html.

Vinay