Java HtmlUtils.htmlEscape方法代码示例

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
public static void main(String[] args) {  
    String specialStr = " #测试转义：#<table id=\"testid\"><tr>test1;test2</tr></table>";
 // ①转换为HTML转义字符表示
    String str1 = HtmlUtils.htmlEscape(specialStr);
    System.out.println(str1);

 // ②转换为数据转义表示
    String str2 = HtmlUtils.htmlEscapeDecimal(specialStr);
    System.out.println(str2);

  //③转换为十六进制数据转义表示
    String str3 = HtmlUtils.htmlEscapeHex(specialStr);
    System.out.println(str3);

   // ④下面对转义后字符串进行反向操作
    System.out.println(HtmlUtils.htmlUnescape(str1));
    System.out.println(HtmlUtils.htmlUnescape(str2));
    System.out.println(HtmlUtils.htmlUnescape(str3));
}
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
@SuppressWarnings("unchecked")
private <T extends ObjectError> T escapeObjectError(T source) {
	if (source == null) {
		return null;
	}
	if (source instanceof FieldError) {
		FieldError fieldError = (FieldError) source;
		Object value = fieldError.getRejectedValue();
		if (value instanceof String) {
			value = HtmlUtils.htmlEscape((String) value);
		}
		return (T) new FieldError(
				fieldError.getObjectName(), fieldError.getField(), value,
				fieldError.isBindingFailure(), fieldError.getCodes(),
				fieldError.getArguments(), HtmlUtils.htmlEscape(fieldError.getDefaultMessage()));
	}
	else {
		return (T) new ObjectError(
				source.getObjectName(), source.getCodes(), source.getArguments(),
				HtmlUtils.htmlEscape(source.getDefaultMessage()));
	}
}
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
/**
 * 大颗粒标签过滤(含<>)
 * @param value
 * @return 返回转义后的字符
 */
public String largeGrainedTagFilter(String value) {
	 //标准脚本和HTML<script>alert(999)</script>
	 //简化脚本和HTML<script type="" src=""/>
	 //</script>
	Pattern scriptPattern = Pattern.compile("(<(.*?)>(.*)</(.*?)>|<(.*?)/>|</(.*?)>)", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
    //value = scriptPattern.matcher(value).replaceAll("");
	boolean boo = scriptPattern.matcher(value).find();
       if(boo){
       	value =	HtmlUtils.htmlEscape(value);
       }
       System.out.println("1:"+value);
       
       //不规范的脚本<script>
       scriptPattern = Pattern.compile("<(.*?)>", Pattern.CASE_INSENSITIVE | Pattern.MULTILINE | Pattern.DOTALL);
       boo = scriptPattern.matcher(value).find();
       if(boo){
       	value =	HtmlUtils.htmlEscape(value);
       }
       System.out.println(value);
       
       return value;
	
}
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
/**
 * override setAsText method , then register
 */
@Override
public void setAsText(String text) throws IllegalArgumentException {
	
	 if (!StringUtils.hasText(text)) {  
            return;  
        }else {
		String value = text;
		if (escapeHTML) {
			value = HtmlUtils.htmlEscape(value);
		}
		if (escapeJavaScript) {
			value = JavaScriptUtils.javaScriptEscape(value);
		}
		super.setValue(value);
	}
}
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
public static Article createSpeak(Zone zone,
    String zoneAliasName,
    FlakeId articleId,
    Account author,
    String title,
    String content,
    Instant now) {
  Preconditions.checkArgument(isValidTitle(title));
  Preconditions.checkArgument(isValidContent(content));
  String safeTitle = HtmlUtils.htmlEscape(title);
  return new Article(zone,
      zoneAliasName,
      articleId,
      safeTitle,
      null,
      content,
      ArticleContentType.MARK_DOWN,
      now,
      author.getAccountId(),
      author.getUsername(),
      false,
      0,
      0,
      0);
}
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
public static Article createExternalLink(Zone zone,
    String zoneAliasName,
    FlakeId articleId,
    Account author,
    String title,
    String link,
    Instant now) {
  Preconditions.checkArgument(isValidTitle(title));
  Preconditions.checkArgument(isValidLink(link));
  String safeTitle = HtmlUtils.htmlEscape(title);
  String safeLink = HtmlUtils.htmlEscape(link);
  return new Article(zone,
      zoneAliasName,
      articleId,
      safeTitle,
      safeLink,
      null,
      ArticleContentType.NONE,
      now,
      author.getAccountId(),
      author.getUsername(),
      false,
      0,
      0,
      0);
}
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
/**
 * @see MessageTag#doStartTagInternal()
 * @should evaluate specified message resolvable
 * @should resolve message by code
 * @should resolve message in locale that different from default
 * @should return code if no message resolved
 * @should use body content as fallback if no message resolved
 * @should use text attribute as fallback if no message resolved
 * @should use body content in prior to text attribute as fallback if no message resolved
 * @should ignore fallbacks if tag locale differs from context locale
 */
@Override
protected int doEndTagInternal() throws JspException, IOException {
	try {
		// Resolve the unescaped message.
		String msg = resolveMessage();
		
		// HTML and/or JavaScript escape, if demanded.
		msg = isHtmlEscape() ? HtmlUtils.htmlEscape(msg) : msg;
		msg = this.javaScriptEscape ? JavaScriptUtils.javaScriptEscape(msg) : msg;
		
		// Expose as variable, if demanded, else write to the page.
		String resolvedVar = this.var;
		if (resolvedVar != null) {
			pageContext.setAttribute(resolvedVar, msg, TagUtils.getScope(this.scope));
		} else {
			writeMessage(msg);
		}
		
		return EVAL_PAGE;
	}
	catch (NoSuchMessageException ex) {
		throw new JspTagException(getNoSuchMessageExceptionDescription(ex));
	}
}
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
/**
 * リンクとして出力するURLを生成します。
 * @param url パス
 * @param params パスに付与するパラメータ
 * @param pageContext ページコンテキスト
 * @param isHtmlEscape HTMLの特殊文字をエスケープするかどうか
 * @param isJavaScriptEscape JavaScriptの特殊文字をエスケープするかどうか
 * @return パス
 * @throws JspException 予期しない例外
 */
public static String createUrl(String url, Map<String, String[]> params, PageContext pageContext, boolean isHtmlEscape, boolean isJavaScriptEscape) throws JspException {
    HttpServletRequest request = (HttpServletRequest)pageContext.getRequest();
    HttpServletResponse response = (HttpServletResponse)pageContext.getResponse();

    StringBuilder buffer = new StringBuilder();
    UrlType urlType = getUrlType(url);
    if (urlType == UrlType.CONTEXT_RELATIVE) {
        buffer.append(request.getContextPath());
        if (!url.startsWith("/")) {
            buffer.append("/");
        }
    }
    buffer.append(replaceUriTemplateParams(url, params, pageContext));
    buffer.append(createQueryString(params, (url.indexOf("?") == -1), pageContext));

    String urlStr = buffer.toString();
    if (urlType != UrlType.ABSOLUTE) {
        urlStr = response.encodeURL(urlStr);
    }

    urlStr = isHtmlEscape ? HtmlUtils.htmlEscape(urlStr) : urlStr;
    urlStr = isJavaScriptEscape ? JavaScriptUtils.javaScriptEscape(urlStr) : urlStr;

    return urlStr;
}
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
@Override
public Item add(Integer tenantId, String itemId, String itemType, String itemDescription, String url,
                String imageurl) {
    try {
        Object[] args = {tenantId, itemId, itemType, HtmlUtils.htmlEscape(itemDescription), Web.makeUrlSecure(url),
                Web.makeUrlSecure(imageurl)};

        KeyHolder keyHolder = new GeneratedKeyHolder();
        getJdbcTemplate().update(PS_ADD_ITEM.newPreparedStatementCreator(args), keyHolder);

        return new Item(keyHolder.getKey().toString(), tenantId, itemId, itemType,
                HtmlUtils.htmlEscape(itemDescription), Web.makeUrlSecure(url), Web.makeUrlSecure(imageurl),
                null, true, new Date().toString());

    } catch (Exception e) {
        logger.error("An error occured adding an item!", e);
        return null;
    }

}
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
public String normalizePseudo(final String pseudo) throws ExecutionException {
	if (null == pseudo || pseudo.trim().isEmpty()) {
		return new StringBuilder("Ann Onymous #").append(getAnonymousCounter().incrementAndGet()).toString();
	} else {
		String lpseudo = pseudo.trim();
		final Matcher m = Service.PATTERN.matcher(lpseudo);
		if (m.matches()) {
			if(lpseudo.length() > 40) {
				lpseudo = HtmlUtils.htmlEscape(new StringBuilder(lpseudo.substring(0, 40)).append("...").toString());
			}
			return lpseudo;
		} else {
			return new StringBuilder("Fucked up #").append(getFuckedupCounter().incrementAndGet()).toString();
		}
	}
}
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
public GBActivityGridRowDTO(Activity activity, String groupName, Long groupId) {

	if (groupName != null && groupId != null) {
	    // Need to make the id unique, so appending the group id for this row
	    this.id = activity.getActivityId().toString() + "_" + groupId.toString();

	    this.groupId = groupId;
	    // If grouped acitivty, append group name
	    this.rowName = HtmlUtils.htmlEscape(activity.getTitle()) + " (" + groupName + ")";
	} else {
	    this.id = activity.getActivityId().toString();

	    this.rowName = HtmlUtils.htmlEscape(activity.getTitle());
	}

	String competenceMappingsStr = "";
	if ( activity.isToolActivity() ) {
	    ToolActivity toolActivity = (ToolActivity) activity;
        	//Constructs the competences for this activity.
        	Set<CompetenceMapping> competenceMappings = toolActivity.getCompetenceMappings();
        	
        	if (competenceMappings != null) {
        	    for (CompetenceMapping mapping : competenceMappings) {
        		competenceMappingsStr += mapping.getCompetence().getTitle() + ", ";
        	    }
        
        	    // trim the last comma off
        	    if (competenceMappingsStr.length() > 0) {
        		competenceMappingsStr = competenceMappingsStr.substring(0, competenceMappingsStr.lastIndexOf(","));
        	    }
        	}
        
	} 
	this.competences = competenceMappingsStr;

    }
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
@Override
   public void doTag() throws JspException, IOException {
if (escapeHtml) {
    value = HtmlUtils.htmlEscape(value);
}
value = value.replaceAll("\n", "<br>");
getJspContext().getOut().write(value.toString());
   }
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
public String preferenceHtml(String nameFormat, boolean highlightClassPrefs) {
   	StringBuffer sb = new StringBuffer("<span ");
   	String style = "font-weight:bold;";
	if (this.getPrefLevel().getPrefId().intValue() != 4) {
		style += "color:" + this.getPrefLevel().prefcolor() + ";";
	}
	if (this.getOwner() != null && this.getOwner() instanceof Class_ && highlightClassPrefs) {
		style += "background: #ffa;";
	}
	sb.append("style='" + style + "' ");
	String owner = "";
	if (getOwner() != null && getOwner() instanceof Class_) {
		owner = " (" + MSG.prefOwnerClass() + ")";
	} else if (getOwner() != null && getOwner() instanceof SchedulingSubpart) {
		owner = " (" + MSG.prefOwnerSchedulingSubpart() + ")";
	} else if (getOwner() != null && getOwner() instanceof DepartmentalInstructor) {
		owner = " (" + MSG.prefOwnerInstructor() + ")";
	} else if (getOwner() != null && getOwner() instanceof Exam) {
		owner = " (" + MSG.prefOwnerExamination() + ")";
	} else if (getOwner() != null && getOwner() instanceof Department) {
		owner = " (" + MSG.prefOwnerDepartment() + ")";
	} else if (getOwner() != null && getOwner() instanceof Session) {
		owner = " (" + MSG.prefOwnerSession() + ")";
	}
	String hint = HtmlUtils.htmlEscape(preferenceTitle(nameFormat) + owner);
	String description = preferenceDescription();
	if (description != null && !description.isEmpty())
		hint += "<br>" + HtmlUtils.htmlEscape(description.replace("\'", "\\\'")).replace("\n", "<br>");
	sb.append("onmouseover=\"showGwtHint(this, '" + hint + "');\" onmouseout=\"hideGwtHint();\">");
	
	sb.append(this.preferenceAbbv(nameFormat));
	sb.append("</span>");
	return (sb.toString());
}
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
public void log(String level, String message, Throwable t) {
    if (iTextLog==null) return;
    if (message!=null) {
    	String escapedMessage = HtmlUtils.htmlEscape(message);
        if (sLogLevelDebug.equals(level)) iTextLog.println("<font color='gray'>&nbsp;&nbsp;--"+escapedMessage+"</font>");
        else if (sLogLevelInfo.equals(level)) iTextLog.println(escapedMessage+"");
        else if (sLogLevelWarn.equals(level)) iTextLog.println("<font color='orange'>"+escapedMessage+"</font>");
        else if (sLogLevelError.equals(level)) iTextLog.println("<font color='red'>"+escapedMessage+"</font>");
        else if (sLogLevelFatal.equals(level)) iTextLog.println("<font color='red'><b>"+escapedMessage+"</b></font>");
        else iTextLog.println(escapedMessage);
    }
}
 

import org.springframework.web.util.HtmlUtils; //导入方法依赖的package包/类
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

    String param = req.getHeader("hello");

    String out = HtmlUtils.htmlEscape(param);
    resp.getWriter().print(out);
}