Re: escaping html entities

Thu, 20 Jan 2000 09:54:31 -0800 

I have it from somewhere.  I don't believe there is anything 'standard' that does
this.

public static String HTMLEncode(String text)
    {
     if (text == null)  return "";
     StringBuffer results = null;
     char[] orig = null;
     int beg = 0, len = text.length();
     for (int i = 0; i < len; ++i){
         char c = text.charAt(i);
         switch (c){
             case 0:
             case '&':
             case '<':
             case '>':
             case '"':
             if (results == null){
                 orig = text.toCharArray();
                 results = new StringBuffer(len+10);
             }
             if (i > beg)
                 results.append(orig, beg, i-beg);
             beg = i + 1;
             switch (c){
                 default: // case 0:
                 continue;
                 case '&':  results.append("&amp;");   break;
                 case '<':  results.append("&lt;");    break;
                 case '>':  results.append("&gt;");    break;
                 case '"':  results.append("&quot;");  break;
             }
         break;
         }
     }
     if (results == null)
         return text;
     results.append(orig, beg, len-beg);
     return results.toString();
    }

dave

Chris Wilson wrote:

> i'm looking for a nice clean way of taking form input and making sure that
> any html has been converted to its appropriate entitles so that people can't
> insert html into our app.  is there any easy way to do this with the
> standard java libraries or add ons?  is the ECS at java.apapch.org what i
> want?
>
> thanks for the help in advance,
> chris
>
> p.s.
> is there some of searchable archive of this list somewhere and if so where?
> gratzi!
>
> chris wilson
>
> {phone}
> tel + 616.471.9142
> fax + 616.471.6900
>
> {email}
> [EMAIL PROTECTED]
>
> {web}
> http://www.wondergeek.com
>
> ===========================================================================
> To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
> FAQs on JSP can be found at:
>  http://java.sun.com/products/jsp/faq.html
>  http://www.esperanto.org.nz/jsp/jspfaq.html

--
David Mossakowski              [EMAIL PROTECTED]
Programmer                           212.310.7275
Instinet Corporation

"I don't sit idly by, I'm planning a big surprise"

===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
 http://java.sun.com/products/jsp/faq.html
 http://www.esperanto.org.nz/jsp/jspfaq.html

Reply via email to