> you should know that disabling the default escaping can lead to serious
> security issues



Because of this I wrote:

> But I would rather suggest to figure out where that encoding comes from.


And I mean to analyze the saving, not the display. You should take care
that those values are stored as utf8 strings inside the database, not encoded.



Regards,
Christoph


> From: Bruno Wintenberger <bruno.wintenber...@gmail.com>
> To: Struts Users Mailing List <user@struts.apache.org>, 
> Date: 30.07.2015 10:52
> Subject: Re: printing mathematical special characters
> 
> Hello Yaragalla,
> you should know that disabling the default escaping can lead to serious
> security issues (mainly XSS:
> https://www.owasp.org/index.php/Cross-site_Scripting_%28XSS%29).
> 
> 2015-07-30 10:49 GMT+02:00 Yaragalla Muralidhar <yaragallamur...@gmail.com>:
> 
> > Ok Christoph. Thanks for your response. I found that struts is doing it.
> > <s:property value="name" escape="false" /> helped me to an extent.
> >
> > *Thanks and Regards,*
> > Muralidhar Yaragalla.
> >
> > *http://yaragalla.blogspot.in/ <http://yaragalla.blogspot.in/>*
> >
> > On Thu, Jul 30, 2015 at 2:01 PM, Yaragalla Muralidhar <
> > yaragallamur...@gmail.com> wrote:
> >
> > >
> > >
> > > I have mathematical symbols e.g. *alfa*, *beta*, *mu*. When I copy these
> > > symbols in text area they are getting copied. I am copying them from word
> > > document. When I insert them into the database using prepared statement the
> > > symbols are getting inserted as code. For example the *alfa* is getting
> > > stored as &#946;. This is fine I guess. But when I retrieve them from the
> > > database using java.sql.Statement and displaying them in the html page they
> > > are getting displayed as code instead of symbol. I mean "&#946;" is
> > > displayed in html instead of displaying alfa symbol. So how to deal with this
> > > situation? How can I store symbols and display them properly in html?
> > >
> > > I am using mysql database, java1.7,struts2.0 and tomcat7.
> > > *Thanks and Regards,*
> > > Muralidhar Yaragalla.
> > >
> > > *http://yaragalla.blogspot.in/ <http://yaragalla.blogspot.in/>*
> > >
> >
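
An added example, not code from this thread or from Struts: it shows the approach suggested above, decoding numeric character references once at save time so the database holds real UTF-8 characters, while output escaping stays enabled. The class and method names are hypothetical, `escapeHtml` is only a stand-in for the escaping that `<s:property>` applies by default, and the sample values are constructed. It assumes the database column and JDBC connection are configured for UTF-8.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class EntityNormalizer {
    // Matches decimal (&#946;) and hex (&#x3b2;) numeric character references.
    private static final Pattern NCR =
            Pattern.compile("&#(?:[xX]([0-9a-fA-F]{1,6})|([0-9]{1,7}));");

    /** Save-time step: turn numeric references into real characters before the INSERT. */
    static String decodeNumericEntities(String in) {
        Matcher m = NCR.matcher(in);
        StringBuffer out = new StringBuffer();
        while (m.find()) {
            int cp = m.group(1) != null ? Integer.parseInt(m.group(1), 16)
                                        : Integer.parseInt(m.group(2));
            // Leave invalid or surrogate code points exactly as submitted.
            boolean ok = Character.isValidCodePoint(cp) && (cp < 0xD800 || cp > 0xDFFF);
            m.appendReplacement(out, Matcher.quoteReplacement(ok ? new String(Character.toChars(cp)) : m.group()));
        }
        m.appendTail(out);
        return out.toString();
    }

    /** Display-time step: minimal HTML escaping (stand-in for the tag's default escaping). */
    static String escapeHtml(String in) {
        StringBuilder sb = new StringBuilder();
        for (char c : in.toCharArray()) {
            switch (c) {
                case '&': sb.append("&amp;"); break;
                case '<': sb.append("&lt;"); break;
                case '>': sb.append("&gt;"); break;
                case '"': sb.append("&quot;"); break;
                case '\'': sb.append("&#39;"); break;
                default: sb.append(c);
            }
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from the thread's application.
        String[] submitted = { "&#946; decay", "&#x3bc; = 0.5", "&#60;script&#62;x&#60;/script&#62;" };
        for (String s : submitted) {
            System.out.println("stored as-is, escaped : " + escapeHtml(s));
            System.out.println("decoded, then escaped : " + escapeHtml(decodeNumericEntities(s)));
        }
    }
}
```

The first line of each pair reproduces the symptom from the question (`&amp;#946;` reaches the browser and is shown as code). The second shows the symbol rendering correctly, and the third sample shows that markup decoded at save time is still neutralised on output because escaping was never switched off.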
