public abstract class HtmlUtils extends Object
Reference: http://www.w3.org/TR/html4/charset.html
For a comprehensive set of String escaping utilities, consider Jakarta Commons Lang and its StringEscapeUtils class. We are not using that class here to avoid a runtime dependency on Commons Lang just for HTML escaping. Furthermore, Spring's HTML escaping is more flexible and 100% HTML 4.0 compliant.
StringEscapeUtils
Constructor and Description |
---|
HtmlUtils() |
Modifier and Type | Method and Description |
---|---|
static String |
htmlEscape(String input)
Turn special characters into HTML character references.
|
static String |
htmlEscape(String input,
String encoding)
Turn special characters into HTML character references.
|
static String |
htmlEscapeDecimal(String input)
Turn special characters into HTML character references.
|
static String |
htmlEscapeDecimal(String input,
String encoding)
Turn special characters into HTML character references.
|
static String |
htmlEscapeHex(String input)
Turn special characters into HTML character references.
|
static String |
htmlEscapeHex(String input,
String encoding)
Turn special characters into HTML character references.
|
static String |
htmlUnescape(String input)
Turn HTML character references into their plain text UNICODE equivalent.
|
public static String htmlEscape(String input)
Escapes all special characters to their corresponding
entity reference (e.g. <
).
input
- the (unescaped) input stringpublic static String htmlEscape(String input, String encoding)
Escapes all special characters to their corresponding
entity reference (e.g. <
) at least as required by the
specified encoding. In other words, if a special character does
not have to be escaped for the given encoding, it may not be.
input
- the (unescaped) input stringencoding
- The name of a supported charset
public static String htmlEscapeDecimal(String input)
Escapes all special characters to their corresponding numeric reference in decimal format (Decimal;).
input
- the (unescaped) input stringpublic static String htmlEscapeDecimal(String input, String encoding)
Escapes all special characters to their corresponding numeric reference in decimal format (Decimal;) at least as required by the specified encoding. In other words, if a special character does not have to be escaped for the given encoding, it may not be.
input
- the (unescaped) input stringencoding
- The name of a supported charset
public static String htmlEscapeHex(String input)
Escapes all special characters to their corresponding numeric reference in hex format (Hex;).
input
- the (unescaped) input stringpublic static String htmlEscapeHex(String input, String encoding)
Escapes all special characters to their corresponding numeric reference in hex format (Hex;) at least as required by the specified encoding. In other words, if a special character does not have to be escaped for the given encoding, it may not be.
input
- the (unescaped) input stringencoding
- The name of a supported charset
public static String htmlUnescape(String input)
Handles complete character set defined in HTML 4.01 recommendation and all reference types (decimal, hex, and entity).
Correctly converts the following formats:
&#Entity; - (Example: &) case sensitive &#Decimal; - (Example: D)Gracefully handles malformed character references by copying original characters as is when encountered.
&#xHex; - (Example: å) case insensitive
input
- the (escaped) input string