permaculture playing cards
The moose likes JSP and the fly likes ELResolver get Current Tag Name Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "ELResolver get Current Tag Name" Watch "ELResolver get Current Tag Name" New topic

ELResolver get Current Tag Name

Reginald Blank

Joined: Mar 11, 2011
Posts: 18
I've written my own ELResolver to escape any HTML in the output and prevent XSS.
It works fine, but double escapes output in <c:out> tags.
The workaround is to add disable XML escaping in the c:out tag, but I would like to automatically stop escaping when the ELResolver is evaluating an expression inside a c:out's value attribute.
Is there a way of working out which tag I'm current inside?
I've looked at the JSP page context, but can't find anything suitable.
I agree. Here's the link:
subject: ELResolver get Current Tag Name
It's not a secret anymore!