• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Devaka Cooray
  • Liutauras Vilda
Sheriffs:
  • Jeanne Boyarsky
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Tim Moores
  • Carey Brown
  • Mikalai Zaikin
Bartenders:
  • Lou Hamers
  • Piet Souris
  • Frits Walraven

HTML-Safe Bean Output

 
Ranch Hand
Posts: 64
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have beans with text properties that might contain characters that need to be escaped before being presented in html content.
How can I do this elegantly while preserving the separation of presentation and business logic? I.e. I don't want to a lot of java code in the jsp but I also don't want the beans to be responsible for html encoding. Any suggestions?
Thanks,
Mars
 
Sheriff
Posts: 67750
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'd suggest either a static method along the lines of URLEncoder.encode() (except HTMLEncoder.encode(), of course), or a custom tag to perform the encoding.
hth,
bear
 
Marcellus Tryk
Ranch Hand
Posts: 64
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Bear,
I'm using a html encoding method, but that prevents me from using jsp:getProperty. This seems like it should be a pretty common problem. How can one be confident that a property returned by getProperty is HTML-safe?
Mars
 
Author
Posts: 160
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Marcellus Tryk:
Thanks Bear,
I'm using a html encoding method, but that prevents me from using jsp:getProperty. This seems like it should be a pretty common problem. How can one be confident that a property returned by getProperty is HTML-safe?
Mars


You can't, but JSTL's <c:out> tag, which effectively replaces <jsp:getProperty>, will automatically encode characters by default, thus making them "HTML-safe." (You can turn off this behavior by using the "escapeXml" attribute.)
See http://java.sun.com/products/jstl for more info on JSTL, a new JCP standard.
 
Marcellus Tryk
Ranch Hand
Posts: 64
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Shawn -
That sounds like what I'm looking for. I guess I need to start using JSTL.
Thanks!
Mars
 
Ranch Hand
Posts: 150
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I know ASP have a technique: buffer statement, which appears to solve the similar problem - i.e. to escape a block of html display under certain condition. I am wonder if JSP have something similar ?
 
Shawn Bayern
Author
Posts: 160
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Ruilin Yang:
I know ASP have a technique: buffer statement, which appears to solve the similar problem - i.e. to escape a block of html display under certain condition. I am wonder if JSP have something similar ?


Yes, the <c ut> tag does exactly this.
 
Put a gun against his head, pulled my trigger, now he's dead, that tiny ad sure bled
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic