JSTL escaping special characters

jsp escaping jstl special-characters
Max picture Max · May 26, 2011 · Viewed 98.1k times · Source

I have this weird issue with special characters. In JSP, I am using field name as id and the name can be anything like

id="<1 and &>2" (OR)
id="aaa & bbb"

I don't have any other option to use ID's other than names, that what the only thing I get from backend.

So, Is there any logic to remove all the special characters using JSTL. With the present scenario, In JS I will do some operations with the ID. this is causing many issues for each kind of browser.

Please suggest, Thanks in advance...

Answer

JB Nizet picture JB Nizet · May 26, 2011

The JSTL provides two means of escaping HTML special chars :

<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
[…]
<c:out value="${myName}"/>

and

<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
[…]
${fn:escapeXml(myName)}

Both wil transform the special chars into their respective HTML entities : (< becomes &lt;, & become &amp;...).

Note that the IDs must be encoded in HTML, but not in JavaScript.

Related questions

simple error due to use of double quotes in a jsp file

I have the following line of code in a JSP File in my web app that is giving an error: <jsp:setProperty name="db" property="userName" value="<%=request.getParameter("userName")%>"/> The error message that I get …

Read More
Escaping javascript string in java

I need to make this into a string in java: <script type="text/javascript">document.write("<img src=\"UpArrow.png\" /> \"); </script> Can someone help? I keep trying and it ends up like this... return "&…

Read More
"PKIX path building failed" and "unable to find valid certification path to requested target"

I'm trying to get tweets using twitter4j library for my java project. On my first run I got an error about certificate sun.security.validator.ValidatorException and sun.security.provider.certpath.SunCertPathBuilderException. Then I added twitter certificate by: C:\…

Read More