My response controller can send responses in either JSON or XML format, depending on configuration, so I don't have to code any of that. I like that. However, I noticed a difference between the JSON and XML format that is not surprising on reflection, but which I think I'd now like to control.
If I have a piece of data with xml-special characters, like "<" and others, the XML response properly encodes those characters. The JSON response does not. This is understandable, because unencoded XML or HTML in a JSON string is perfectly valid. The GUI that uses my service is pasting the data into html unchanged. This appears to occasionally cause rendering problems when the text of some data fields contain characters that should be encoded in html (there's no cross-site scripting problem here, it's just an internal monitoring application). I can very easily manually call "StringEscapeUtils.escapeHtml4()" (or perhaps "escapeXml" to be consistent) before I put data into the response, but I was wondering if I could coerce CXF's JSON encoding to encode data the same way the XML encoding works. Is that possible and reasonable?
