Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes JSF and the fly likes what is escape= Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Java » JSF
Bookmark "what is escape="false" in outputText " Watch "what is escape="false" in outputText " New topic
Author

what is escape="false" in outputText

Leonidas Savvides
Ranch Hand

Joined: Jan 31, 2010
Posts: 403
what is escape="false" in outputText ?
Koen Aerts
Ranch Hand

Joined: Feb 07, 2012
Posts: 344

When you "escape" the values, they are converted to an HTML-compliant representation, for instance:
- < will become &lt;
- > will become &gt;
- & will become &amp;
- etc.

When you disable this with 'escape="false"' then this conversion won't happen.
Brendan Healey
Ranch Hand

Joined: May 12, 2009
Posts: 218

The important thing to consider when using escape="false" is that you open yourself up to cross site scripting (XSS)
attacks, if the information being displayed is user entered.
 
jQuery in Action, 2nd edition
 
subject: what is escape="false" in outputText