From: Alex Chaffee / Purple Technology
Subject: [lang] Entity Escaping (HTML/XML)
Date: Wed, 09 Apr 2003 21:48:25 GMT

escapeHtml, escapeXml, and their unescape counterparts are now checked
in.  If you think you may use them, please double-check my code,
tests, and conversion from the DTDs.

Some further thoughts...

These methods use the built-in named entities (like "&amp;" and
"&eacute;") from the most current version of HTML (which is now 4.01)
and XML (1.0).

While most users will want to use the most current set of named
entities, some will need to target a specific browser.  For them, the
current version may have too many entities -- their target browser may
not understand what "&Scaron;" means and they would prefer the escaper
use "&#352;" instead.
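
To make the numeric fallback concrete, here is a minimal sketch of an
escaper that never uses names at all.  The class and method names are
hypothetical and are not the checked-in code; it assumes that decimal
references are what a browser-specific user would want.

```java
// Hypothetical helper for illustration only; not the checked-in implementation.
final class NumericEscapeSketch {
    private NumericEscapeSketch() {}

    /**
     * Replaces markup-significant ASCII characters and every non-ASCII
     * code point with a decimal numeric character reference.
     */
    static String escapeNumeric(String input) {
        StringBuilder out = new StringBuilder(input.length() * 2);
        for (int i = 0; i < input.length(); ) {
            int cp = input.codePointAt(i);
            if (cp > 0x7F || cp == '&' || cp == '<' || cp == '>' || cp == '"') {
                // append(int) writes the decimal value, e.g. 352 for U+0160
                out.append("&#").append(cp).append(';');
            } else {
                out.appendCodePoint(cp);
            }
            i += Character.charCount(cp);
        }
        return out.toString();
    }
}
```

With this sketch, the S-with-caron character (U+0160) becomes "&#352;"
regardless of which HTML version the target browser supports.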

Is it worth worrying about this case?

If we decide to provide a solution for this, we could use:

	String escapeHtml(String)
	String escapeHtml40(String)
	String escapeHtml32(String)

However, that doesn't scale as well as the following:

	String escapeHtml(String)   -- always use the most current HTML
	String escapeEntities(String) -- use numeric escapes only
	String escapeEntities(String, Entities.HTML40) -- use HTML 4.0 
	String escapeEntities(String, Entities.HTML32) -- use HTML 3.2

	...and so on for other (as yet unknown) sets inside Entities.

escapeEntities and Entities.HTMLXX already exist as private members.
Exposing them would be straightforward.
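
As a rough sketch of how the set-parameterized variant might behave
(this is not the existing private code; the class name, the map-based
representation, and the tiny entity subsets are all assumptions made
for illustration), a character is written by name when the chosen set
knows it and as a numeric reference otherwise:

```java
import java.util.HashMap;
import java.util.Map;

// Hypothetical stand-in for the idea of pluggable entity sets.
// The real Entities class may be structured quite differently.
final class EntitySetSketch {
    // Tiny illustrative subsets, NOT the full DTD-derived tables.
    static final Map<Integer, String> BASIC = new HashMap<>();
    static final Map<Integer, String> HTML32_SUBSET = new HashMap<>();
    static final Map<Integer, String> HTML40_SUBSET = new HashMap<>();

    static {
        BASIC.put((int) '&', "amp");
        BASIC.put((int) '<', "lt");
        BASIC.put((int) '>', "gt");

        HTML32_SUBSET.putAll(BASIC);
        HTML32_SUBSET.put(0xE9, "eacute");   // Latin-1 entity, present in HTML 3.2

        HTML40_SUBSET.putAll(HTML32_SUBSET);
        HTML40_SUBSET.put(0x160, "Scaron");  // added in HTML 4.0
    }

    private EntitySetSketch() {}

    /** Uses a name from the given set when available, else a numeric reference. */
    static String escapeEntities(String input, Map<Integer, String> names) {
        StringBuilder out = new StringBuilder(input.length() * 2);
        for (int i = 0; i < input.length(); ) {
            int cp = input.codePointAt(i);
            String name = names.get(cp);
            if (name != null) {
                out.append('&').append(name).append(';');
            } else if (cp > 0x7F || cp == '&' || cp == '<' || cp == '>') {
                // Unknown to this set: fall back to a decimal reference.
                out.append("&#").append(cp).append(';');
            } else {
                out.appendCodePoint(cp);
            }
            i += Character.charCount(cp);
        }
        return out.toString();
    }
}
```

Passing the HTML 4.0 subset yields "&Scaron;" for U+0160, while the
HTML 3.2 subset yields "&#352;" for the same character; an empty map
gives the numeric-only behavior.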

And if we made the Entities class public, then users could roll their
own set.  This would be the most flexible but perhaps overly

No urgency here, but I wanted to get my thoughts on record.

Cheers -

 - Alex

Alex Chaffee                     
Purple Technology - Code and Consulting
jGuru - Java News and FAQs       
Gamelan - the Original Java site 
Stinky - Art and Angst           
