jQuery in Action, 3rd edition
The moose likes JSF and the fly likes what is escape= Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSF
Bookmark "what is escape="false" in outputText " Watch "what is escape="false" in outputText " New topic

what is escape="false" in outputText

Leonidas Savvides
Ranch Hand

Joined: Jan 31, 2010
Posts: 403
what is escape="false" in outputText ?
Koen Aerts
Ranch Hand

Joined: Feb 07, 2012
Posts: 344

When you "escape" the values, they are converted to an HTML-compliant representation, for instance:
- < will become &lt;
- > will become &gt;
- & will become &amp;
- etc.

When you disable this with 'escape="false"' then this conversion won't happen.
Brendan Healey
Ranch Hand

Joined: May 12, 2009
Posts: 218

The important thing to consider when using escape="false" is that you open yourself up to cross site scripting (XSS)
attacks, if the information being displayed is user entered.
I agree. Here's the link: http://aspose.com/file-tools
subject: what is escape="false" in outputText
It's not a secret anymore!