Class HtmlEscapingAwareTag

All Implemented Interfaces:
IterationTag, JspTag, Tag, TryCatchFinally, Serializable
Direct Known Subclasses:
AbstractFormTag, BindErrorsTag, BindTag, EscapeBodyTag, EvalTag, MessageTag, TransformTag, UrlTag

public abstract class HtmlEscapingAwareTag extends RequestContextAwareTag
Superclass for tags that output content that might get HTML-escaped.

Provides a "htmlEscape" property for explicitly specifying whether to apply HTML escaping. If not set, a page-level default (e.g. from the HtmlEscapeTag) or an application-wide default (the "defaultHtmlEscape" context-param in web.xml) is used.

Since:
1.1
Author:
Juergen Hoeller, Brian Clozel
See Also:
  • Constructor Details

    • HtmlEscapingAwareTag

      public HtmlEscapingAwareTag()
  • Method Details

    • setHtmlEscape

      public void setHtmlEscape(boolean htmlEscape) throws JspException
      Set HTML escaping for this tag, as boolean value. Overrides the default HTML escaping setting for the current page.
      Throws:
      JspException
      See Also:
    • isHtmlEscape

      protected boolean isHtmlEscape()
      Return the HTML escaping setting for this tag, or the default setting if not overridden.
      See Also:
    • isDefaultHtmlEscape

      protected boolean isDefaultHtmlEscape()
      Return the applicable default HTML escape setting for this tag.

      The default implementation checks the RequestContext's setting, falling back to false in case of no explicit default given.

      See Also:
    • isResponseEncodedHtmlEscape

      protected boolean isResponseEncodedHtmlEscape()
      Return the applicable default for the use of response encoding with HTML escaping for this tag.

      The default implementation checks the RequestContext's setting, falling back to false in case of no explicit default given.

      Since:
      4.1.2
      See Also:
    • htmlEscape

      protected String htmlEscape(String content)
      HTML-encodes the given String, only if the "htmlEscape" setting is enabled.

      The response encoding will be taken into account if the "responseEncodedHtmlEscape" setting is enabled as well.

      Parameters:
      content - the String to escape
      Returns:
      the escaped String
      Since:
      4.1.2
      See Also: