Class HtmlUtils
- java.lang.Object
- org.springframework.web.util.HtmlUtils
public abstract class HtmlUtils extends Object
Utility class for HTML escaping. Escapes and unescapes based on the W3C HTML 4.01 recommendation, handling character entity references.Reference: http://www.w3.org/TR/html4/charset.html
For a comprehensive set of String escaping utilities, consider Apache Commons Lang and its StringEscapeUtils class. We are not using that class here to avoid a runtime dependency on Commons Lang just for HTML escaping. Furthermore, Spring's HTML escaping is more flexible and 100% HTML 4.0 compliant.
- Since:
- 01.03.2003
- Author:
- Juergen Hoeller, Martin Kersten, Craig Andrews
Constructor Summary
Constructors Constructor Description HtmlUtils()
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static String
htmlEscape(String input)
Turn special characters into HTML character references.static String
htmlEscape(String input, String encoding)
Turn special characters into HTML character references.static String
htmlEscapeDecimal(String input)
Turn special characters into HTML character references.static String
htmlEscapeDecimal(String input, String encoding)
Turn special characters into HTML character references.static String
htmlEscapeHex(String input)
Turn special characters into HTML character references.static String
htmlEscapeHex(String input, String encoding)
Turn special characters into HTML character references.static String
htmlUnescape(String input)
Turn HTML character references into their plain text UNICODE equivalent.
Constructor Detail
HtmlUtils
public HtmlUtils()
Method Detail
htmlEscape
public static String htmlEscape(String input)
Turn special characters into HTML character references. Handles complete character set defined in HTML 4.01 recommendation.Escapes all special characters to their corresponding entity reference (e.g.
<
).- Parameters:
input
- the (unescaped) input string- Returns:
- the escaped string
htmlEscape
public static String htmlEscape(String input, String encoding)
Turn special characters into HTML character references. Handles complete character set defined in HTML 4.01 recommendation.Escapes all special characters to their corresponding entity reference (e.g.
<
) at least as required by the specified encoding. In other words, if a special character does not have to be escaped for the given encoding, it may not be.- Parameters:
input
- the (unescaped) input stringencoding
- the name of a supportedcharset
- Returns:
- the escaped string
- Since:
- 4.1.2
htmlEscapeDecimal
public static String htmlEscapeDecimal(String input)
Turn special characters into HTML character references. Handles complete character set defined in HTML 4.01 recommendation.Escapes all special characters to their corresponding numeric reference in decimal format (Decimal;).
- Parameters:
input
- the (unescaped) input string- Returns:
- the escaped string
htmlEscapeDecimal
public static String htmlEscapeDecimal(String input, String encoding)
Turn special characters into HTML character references. Handles complete character set defined in HTML 4.01 recommendation.Escapes all special characters to their corresponding numeric reference in decimal format (Decimal;) at least as required by the specified encoding. In other words, if a special character does not have to be escaped for the given encoding, it may not be.
- Parameters:
input
- the (unescaped) input stringencoding
- the name of a supportedcharset
- Returns:
- the escaped string
- Since:
- 4.1.2
htmlEscapeHex
public static String htmlEscapeHex(String input)
Turn special characters into HTML character references. Handles complete character set defined in HTML 4.01 recommendation.Escapes all special characters to their corresponding numeric reference in hex format (Hex;).
- Parameters:
input
- the (unescaped) input string- Returns:
- the escaped string
htmlEscapeHex
public static String htmlEscapeHex(String input, String encoding)
Turn special characters into HTML character references. Handles complete character set defined in HTML 4.01 recommendation.Escapes all special characters to their corresponding numeric reference in hex format (Hex;) at least as required by the specified encoding. In other words, if a special character does not have to be escaped for the given encoding, it may not be.
- Parameters:
input
- the (unescaped) input stringencoding
- the name of a supportedcharset
- Returns:
- the escaped string
- Since:
- 4.1.2
htmlUnescape
public static String htmlUnescape(String input)
Turn HTML character references into their plain text UNICODE equivalent.Handles complete character set defined in HTML 4.01 recommendation and all reference types (decimal, hex, and entity).
Correctly converts the following formats:
&#Entity; - (Example: &) case sensitive &#Decimal; - (Example: D)
Gracefully handles malformed character references by copying original characters as is when encountered.
&#xHex; - (Example: å) case insensitive- Parameters:
input
- the (escaped) input string- Returns:
- the unescaped string