public class XSSUtils extends Object
Constructor and Description |
---|
XSSUtils() |
Modifier and Type | Method and Description |
---|---|
static String |
encodeForHTML(String source)
Use to encapsulate new-style (XSSAPI-based) encoding for HTML element content.
|
static String |
encodeForHTMLAttr(String source)
Use to encapsulate new-style (XSSAPI-based) encoding for HTML attribute values.
|
static String |
encodeForJSString(String source)
Use to encapsulate new-style (XSSAPI-based) encoding for JavaScript strings.
|
static String |
encodeForXML(String source)
Use to encapsulate new-style (XSSAPI-based) encoding for XML element content.
|
static String |
encodeForXMLAttr(String source)
Use to encapsulate new-style (XSSAPI-based) encoding for XML attribute values.
|
static String |
encodeUrl(String urlString)
Use to ensure that HTTP query strings are in proper form, by escaping
special characters such as spaces.
|
static String |
escapeHtml(String htmlString)
Use to encapsulate old-style escaping of HTML (using StringEscapeUtils).
|
static String |
escapeXml(String xmlString)
Use to encapsulate old-style escaping of XML (with JSTL encoding rules).
|
public static String encodeUrl(String urlString)
urlString
- the string to be encodedpublic static String escapeHtml(String htmlString)
htmlString
- the string to be escapedpublic static String escapeXml(String xmlString)
xmlString
- the string to be escapedpublic static String encodeForHTML(String source)
source
- the string to be encodedpublic static String encodeForHTMLAttr(String source)
source
- the string to be encodedpublic static String encodeForXML(String source)
source
- the string to be encodedpublic static String encodeForXMLAttr(String source)
source
- the string to be encodedCopyright © 2007–2018 The Apache Software Foundation. All rights reserved.