You could also use the org.apache.commons.lang.StringEscapeUtils
It has many useful methods such as escapeHtml, escapeJava, escapeJavascript,
escapeXml, escapeSql and more.
I'm currently using commons-lang-2.1.jar
Gareth
Laurie Harper wrote:
Scott Van Wart wrote:
Frank W. Zammetti wrote:
Hi Scott... have a look at the ResponseHelpers class in Java Web Parts:
http://javawebparts.sourceforge.net
More precisely:
http://javawebparts.sourceforge.net/javadocs/index.html
The encodeEntities() method should do the trick.
Ahh... that class name you mentioned made me think of a class I saw
while stepping through some code... I think
org.apache.struts.util.ResponseUtils#filter will do the trick :).
If you want to escape the user-entered data at render time (i.e. when
you display it), that's already supported by various output-related tags
(c:out, bean:write, etc.) Escaping at render time is the usual approach,
since it protects you against malicious inputs from other sources (e.g.
SQL injection, bad database imports, etc.) I'm not aware of any
'standard' facilities for doing this to the user's input at submit-time,
though; if you want to do that, the ResponseUtils.filter() method is
probably your best bet.
L.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Gareth Evans
Senior Developer
MSoft eSolutions Limited
Technology Centre
Inward Way
Rossmore Business Park
Ellesmere Port
Cheshire
CH65 3EN
--
Tel: +44 (0)870 0100 704
Fax: +44 (0)870 9010 705
E-Mail: [EMAIL PROTECTED]
Web: www.msoft.co.uk
----------------------------------------------
Terms:
Please note that any prices quoted within this e-mail are subject to VAT.
All program details and code described in this e-mail are subject to
copyright © of MSoft eSolutions Limited and remain the intellectual
property of MSoft eSolutions Limited.
Any proposal or pricing information contained within this e-mail are
subject to MSoft eSolutions' Terms and Conditions
----------------------------------------------
Disclaimer:
This message is intended only for use of the addressee. If this message
was sent to you in error, please notify the sender and delete this
message. MSoft eSolutions Limited cannot accept responsibility for viruses,
so please scan attachments. Views expressed in this message do not
necessarily reflect those of MSoft eSolutions Limited who will not
necessarily be bound by its contents.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
