tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steph Richardson" <st...@kvasar.com>
Subject RE: Suggestions ?
Date Thu, 31 Jul 2003 21:27:25 GMT
I assume any html type tags that may be included in the text, you would want rendered as visible
HTML tags in the browser. So use a
HTML encoding method. There doesn't seem to be a JRE standard for this, so something like
this will do it :

	public static String HTMLEncode( String unenc )
	{
		final String[] tokens = new String[] {"<", ">", "\"", "'"};
		final String[] replacement = new String[] {"&lt;", "&gt;", "&quot;", "&#39;"};

		StringBuffer sb = new StringBuffer(unenc);
		for(int i = 0; i<tokens.length; i++)
		{
			int idx = 0;
			while((idx = sb.indexOf(tokens[i], idx)) != -1)
				sb.replace(idx, idx + tokens[i].length(), replacement[i]);
		}
		return sb.toString();
	}

> -----Original Message-----
> From: Mufaddal Khumri [mailto:mufaddal@wmotion.com]
> Sent: Thursday, July 31, 2003 4:51 AM
> To: Tomcat Users List
> Subject: Suggestions ?
>
>
> Hi,
>
> Am using tomcat 4.1.24.
>
> Have a XYZ.jsp with a form on it take data from the user. Once the user
> clicks submit the data is stored in the  database and the data that the
> user entered is shown to him on  ABC.jsp.
>
> The problem is that the user can enter anything in the text field and
> text area of the form on XYZ.jsp. For example in the description text
> area he or she might enter - text, an http url, maybe html tags etc.
> Now when i grab this data from the form and store it to the databse it
> works fine, but when i grab the data from the database and render it on
> ABC.jsp it gets messed up because the html tags in the data interfere
> with the html of the page. Is there a way in tomcat escape such
> characters or are there java methods that i could use to pass this
> string through that would do the escaping for me ?
>
> Thanks.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message