This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes JSF and the fly likes what is escape= Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » JSF
Bookmark "what is escape="false" in outputText " Watch "what is escape="false" in outputText " New topic

what is escape="false" in outputText

Leonidas Savvides
Ranch Hand

Joined: Jan 31, 2010
Posts: 403
what is escape="false" in outputText ?
Koen Aerts
Ranch Hand

Joined: Feb 07, 2012
Posts: 344

When you "escape" the values, they are converted to an HTML-compliant representation, for instance:
- < will become &lt;
- > will become &gt;
- & will become &amp;
- etc.

When you disable this with 'escape="false"' then this conversion won't happen.
Brendan Healey
Ranch Hand

Joined: May 12, 2009
Posts: 218

The important thing to consider when using escape="false" is that you open yourself up to cross site scripting (XSS)
attacks, if the information being displayed is user entered.
I agree. Here's the link:
subject: what is escape="false" in outputText
Similar Threads
how to view HTML code in jsf
rendering h:outputText with partial boldness
JSF that that escapes apostrophes?
html tags in property file
JSTL and bean data