public abstract class HtmlUtils
extends java.lang.Object
Reference: http://www.w3.org/TR/html4/charset.html
For a comprehensive set of String escaping utilities, consider Jakarta Commons Lang and its StringEscapeUtils class. We are not using that class here to avoid a runtime dependency on Commons Lang just for HTML escaping. Furthermore, Spring's HTML escaping is more flexible and 100% HTML 4.0 compliant.
StringEscapeUtils
Constructor and Description |
---|
HtmlUtils() |
Modifier and Type | Method and Description |
---|---|
static java.lang.String |
htmlEscape(java.lang.String input)
Turn special characters into HTML character references.
|
static java.lang.String |
htmlEscapeDecimal(java.lang.String input)
Turn special characters into HTML character references.
|
static java.lang.String |
htmlEscapeHex(java.lang.String input)
Turn special characters into HTML character references.
|
static java.lang.String |
htmlUnescape(java.lang.String input)
Turn HTML character references into their plain text UNICODE equivalent.
|
public static java.lang.String htmlEscape(java.lang.String input)
Escapes all special characters to their corresponding
entity reference (e.g. <
).
input
- the (unescaped) input stringpublic static java.lang.String htmlEscapeDecimal(java.lang.String input)
Escapes all special characters to their corresponding numeric reference in decimal format (Decimal;).
input
- the (unescaped) input stringpublic static java.lang.String htmlEscapeHex(java.lang.String input)
Escapes all special characters to their corresponding numeric reference in hex format (Hex;).
input
- the (unescaped) input stringpublic static java.lang.String htmlUnescape(java.lang.String input)
Handles complete character set defined in HTML 4.01 recommendation and all reference types (decimal, hex, and entity).
Correctly converts the following formats:
&#Entity; - (Example: &) case sensitive &#Decimal; - (Example: D)Gracefully handles malformed character references by copying original characters as is when encountered.
&#xHex; - (Example: å) case insensitive
input
- the (escaped) input string