> -----Original Message-----
> From: A mailing list about Java Server Pages specification
> and reference
> [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Wilson
>
> i'm looking for a nice clean way of taking form input and
> making sure that
> any html has been converted to its appropriate entitles so
> that people can't
> insert html into our app. is there any easy way to do this with the
> standard java libraries or add ons? is the ECS at
> java.apapch.org what i
> want?
The thing I now use for this kind of thing can be found at:
http://mindprod.com/products.html
look for 'Quoter'.
Example:
<TEXTAREA ROWS="5" COLS="40" WRAP="SOFT" NAME="comments">
<%= Quoter.toHTML( request.getParameter( "comments" ) ) %>
</TEXTAREA>
It can also handle a variety of other escaping/unescaping methods.
Actually this site has a host of useful Java stuff on there.
HTH,
Steve S
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
