Saturday, November 2, 2013

Spring escapeXml using StringEscapeUtils

Escape user input to protect against XSS.

We have to escape the value using StringEscapeUtils.escapeXml(str).

This is from the Apache Commons Lang library:
import org.apache.commons.lang.StringEscapeUtils;


public class EscapeXmlDemo {
    public static void main(String[] args) {
        // handling XML special character & in a Java String
        String xmlWithSpecial = "Java & HTML"; // XML String with & as special character
        System.out.println("Original unescaped XML String: " + xmlWithSpecial);
        System.out.println("Escaped XML String in Java: "
                            + StringEscapeUtils.escapeXml(xmlWithSpecial));

        // handling XML special character > in a Java String
        xmlWithSpecial = "Java > HTML"; // XML String with > as special character
        System.out.println("Original unescaped XML String: " + xmlWithSpecial);
        System.out.println("Escaped XML String: " + StringEscapeUtils.escapeXml(xmlWithSpecial));

        // handling XML and HTML special character < in a String
        xmlWithSpecial = "Java < HTML"; // XML String with < as special character
        System.out.println("Original unescaped XML String: " + xmlWithSpecial);
        System.out.println("Escaped XML String: " + StringEscapeUtils.escapeXml(xmlWithSpecial));

        // handling HTML and XML special character " in Java
        xmlWithSpecial = "Java \" HTML"; // XML String with " as special character
        System.out.println("Original unescaped XML String: " + xmlWithSpecial);
        System.out.println("Escaped XML String: " + StringEscapeUtils.escapeXml(xmlWithSpecial));

        // handling XML special character ' in a Java String
        xmlWithSpecial = "Java ' HTML"; // XML String with ' as special character
        System.out.println("Original unescaped XML String: " + xmlWithSpecial);
        System.out.println("Escaped XML String: " + StringEscapeUtils.escapeXml(xmlWithSpecial));
    }
}
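
The same call applied to untrusted input that ends up in HTML, as an added example that is not part of the original post. The class name, the two render helpers and the sample input are hypothetical and constructed for illustration; only StringEscapeUtils.escapeXml comes from the library.

```java
import org.apache.commons.lang.StringEscapeUtils;

public class EscapeUserInputExample {

    // Hypothetical helper: escapeXml(null) returns null, so map null to ""
    // to avoid the literal text "null" appearing in the page.
    static String esc(String untrusted) {
        String escaped = StringEscapeUtils.escapeXml(untrusted);
        return escaped == null ? "" : escaped;
    }

    // Unsafe: untrusted values are concatenated into the markup as-is,
    // so < > " ' & in the input are interpreted by the browser as markup.
    static String renderUnsafe(String author, String comment) {
        return "<div title=\"" + author + "\">" + comment + "</div>";
    }

    // Hardened: every untrusted value is escaped at the point of output,
    // both in the quoted attribute and in the element body.
    static String renderEscaped(String author, String comment) {
        return "<div title=\"" + esc(author) + "\">" + esc(comment) + "</div>";
    }

    public static void main(String[] args) {
        // Constructed sample input: one value tries to close the attribute,
        // the other tries to open a new element.
        String author = "bob\" onmouseover=\"alert(1)";
        String comment = "<script>alert(1)</script>";

        System.out.println("Unescaped: " + renderUnsafe(author, comment));
        System.out.println("Escaped:   " + renderEscaped(author, comment));

        // A null value renders as an empty string instead of "null".
        System.out.println("Null:      " + renderEscaped(null, null));
    }
}
```

In the escaped output the quote and angle brackets appear as entities, so the browser shows them as text instead of parsing them as an attribute or a tag.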
