tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mufaddal Khumri <mufad...@wmotion.com>
Subject Re: Suggestions ?
Date Thu, 31 Jul 2003 09:06:44 GMT
Yes, thats a helpful function ... I was looking at :
http://jakarta.apache.org/taglibs/doc/string-doc/string-1.0.1/index.html
to see if i can find a good tag library to use ... havent found one 
that i could use yet. Am hoping that someone on the list has pointers 
to some standard function or taglib.

Thanks.

On Friday, August 1, 2003, at 02:57  AM, Steph Richardson wrote:

> I assume any html type tags that may be included in the text, you 
> would want rendered as visible HTML tags in the browser. So use a
> HTML encoding method. There doesn't seem to be a JRE standard for 
> this, so something like this will do it :
>
> 	public static String HTMLEncode( String unenc )
> 	{
> 		final String[] tokens = new String[] {"<", ">", "\"", "'"};
> 		final String[] replacement = new String[] {"&lt;", "&gt;", "&quot;", 
> "&#39;"};
>
> 		StringBuffer sb = new StringBuffer(unenc);
> 		for(int i = 0; i<tokens.length; i++)
> 		{
> 			int idx = 0;
> 			while((idx = sb.indexOf(tokens[i], idx)) != -1)
> 				sb.replace(idx, idx + tokens[i].length(), replacement[i]);
> 		}
> 		return sb.toString();
> 	}
>
>> -----Original Message-----
>> From: Mufaddal Khumri [mailto:mufaddal@wmotion.com]
>> Sent: Thursday, July 31, 2003 4:51 AM
>> To: Tomcat Users List
>> Subject: Suggestions ?
>>
>>
>> Hi,
>>
>> Am using tomcat 4.1.24.
>>
>> Have a XYZ.jsp with a form on it take data from the user. Once the 
>> user
>> clicks submit the data is stored in the  database and the data that 
>> the
>> user entered is shown to him on  ABC.jsp.
>>
>> The problem is that the user can enter anything in the text field and
>> text area of the form on XYZ.jsp. For example in the description text
>> area he or she might enter - text, an http url, maybe html tags etc.
>> Now when i grab this data from the form and store it to the databse it
>> works fine, but when i grab the data from the database and render it 
>> on
>> ABC.jsp it gets messed up because the html tags in the data interfere
>> with the html of the page. Is there a way in tomcat escape such
>> characters or are there java methods that i could use to pass this
>> string through that would do the escaping for me ?
>>
>> Thanks.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message