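Escaping values to protect against XSS
To keep an attacker from injecting markup, pass the value through StringEscapeUtils.escapeXml(str) before it is output. Escaping is specific to the output context: XML escaping suits text placed in element content or in a quoted attribute value, but it does not make a value safe inside a script block, a URL or a CSS context.
StringEscapeUtils is part of the Apache Commons Lang library.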
import org.apache.commons.lang.StringEscapeUtils;
// Runs StringEscapeUtils.escapeXml over one sample per XML special character
// (&, >, <, " and ') and prints each string before and after escaping.
//
// Security note: escapeXml targets XML/markup text. It is the right encoder when
// the value ends up in element content or a quoted attribute value; a value that
// is written into JavaScript, a URL or CSS needs the encoder for that context.
//
// Each row is { raw sample, label printed in front of the escaped form }.
String[][] samples = {
    {"Java & HTML", "Escaped XML String in Java: "},   // ampersand
    {"Java > HTML", "Escaped XML String : "},          // greater-than
    {"Java < HTML", "Escaped XML String: "},           // less-than
    {"Java \" HTML", "Escaped XML String: "},          // double quote
    {"Java ' HTML", "Escaped XML String: "},           // single quote (apostrophe)
};

String xmlWithSpecial = null;
for (String[] sample : samples) {
    xmlWithSpecial = sample[0];
    System.out.println("Original unescaped XML String: " + xmlWithSpecial);

    // Escape at the point of output so the raw value is never printed as markup.
    String escaped = StringEscapeUtils.escapeXml(xmlWithSpecial);
    System.out.println(sample[1] + escaped);
}