ubiware.core.visualizer.StringEscapingUtils
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object
public final class StringEscapingUtils
Convenience methods for escaping special characters related to HTML, XML, and regular expressions.
Taken from http://www.javapractices.com/topic/TopicAction.do?Id=96
To keep you safe by default, WEB4J goes to some effort to escape characters in your data when appropriate, such that you usually don't need to think too much about escaping special characters. Thus, you shouldn't need to directly use the services of this class very often.
For Model Objects containing free form user input, it is highly recommended that you use SafeText, not
String. Free form user input is open to malicious use, such as Cross Site Scripting attacks. Using SafeText will protect you
from such attacks, by always escaping special characters automatically in its toString() method.
The following WEB4J classes will automatically escape special characters for you, when needed :
SafeText class, used as a building block class for your application's Model Objects, for modeling all free form user
input
Populate tag used with forms
Report class used for creating quick reports
Text, TextFlow, and Tooltips custom tags used for translation
| Method Summary | |
|---|---|
static java.lang.String |
forHTML(java.lang.String aText)
Escape characters for text appearing in HTML markup. |
static java.lang.String |
forRegex(java.lang.String aRegexFragment)
Replace characters having special meaning in regular expressions with their escaped equivalents, preceded by a '\' character. |
static java.lang.String |
forScriptTagsOnly(java.lang.String aText)
Disable all |
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |