This week's giveaway is in the EJB and other Java EE Technologies forum.
We're giving away four copies of EJB 3 in Action and have Debu Panda, Reza Rahman, Ryan Cuprak, and Michael Remijan on-line!
See this thread for details.
The moose likes JSF and the fly likes what is escape= Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Java » JSF
Bookmark "what is escape="false" in outputText " Watch "what is escape="false" in outputText " New topic
Author

what is escape="false" in outputText

Leonidas Savvides
Ranch Hand

Joined: Jan 31, 2010
Posts: 402
what is escape="false" in outputText ?
Koen Aerts
Ranch Hand

Joined: Feb 07, 2012
Posts: 344

When you "escape" the values, they are converted to an HTML-compliant representation, for instance:
- < will become &lt;
- > will become &gt;
- & will become &amp;
- etc.

When you disable this with 'escape="false"' then this conversion won't happen.
Brendan Healey
Ranch Hand

Joined: May 12, 2009
Posts: 218

The important thing to consider when using escape="false" is that you open yourself up to cross site scripting (XSS)
attacks, if the information being displayed is user entered.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: what is escape="false" in outputText
 
Similar Threads
html tags in property file
rendering h:outputText with partial boldness
JSTL and bean data
how to view HTML code in jsf
JSF that that escapes apostrophes?