Package org.primefaces.util
Class EscapeUtils
- java.lang.Object
-
- org.primefaces.util.EscapeUtils
-
public class EscapeUtils extends Object
Utility methods contained herein must be used strictly for the appropriate context, e.g. HTML, HTML attribute, JS string.
Method calls are delegated to safe and well-tried whitelisting encoders from owasp-java-encoding.
-
-
Method Summary
-
-
-
Method Detail
-
forHtmlContent
public static String forHtmlContent(String input)
- See Also:
Encode.forHtmlContent(String)
-
forHtmlAttribute
public static String forHtmlAttribute(String input)
- See Also:
Encode.forHtmlAttribute(String)
-
forHtmlUnquotedAttribute
public static String forHtmlUnquotedAttribute(String input)
- See Also:
Encode.forHtmlUnquotedAttribute(String)
-
forUriComponent
public static String forUriComponent(String input)
- See Also:
Encode.forUriComponent(String)
-
forXmlContent
public static String forXmlContent(String input)
- See Also:
Encode.forXmlContent(String)
-
forXmlAttribute
public static String forXmlAttribute(String input)
- See Also:
Encode.forXmlAttribute(String)
-
forXmlComment
public static String forXmlComment(String input)
- See Also:
Encode.forXmlComment(String)
-
forJavaScript
public static String forJavaScript(String input)
- See Also:
Encode.forJavaScript(String)
-
forJavaScriptAttribute
public static String forJavaScriptAttribute(String input)
- See Also:
Encode.forJavaScriptAttribute(String)
-
forJavaScriptBlock
public static String forJavaScriptBlock(String input)
- See Also:
Encode.forJavaScriptBlock(String)
-
forJavaScriptSource
public static String forJavaScriptSource(String input)
- See Also:
Encode.forJavaScriptSource(String)
-
forXmlTag
public static String forXmlTag(String intag)
Ensure a valid XMLElement name is returned.
Uses theXMLChar
Replaces spaces by underscores, < by .lt, > by .gt. and all other characters by '.X.', where is the output ofInteger
.toHexString()- Parameters:
intag
- the source for the element name- Returns:
- valid XML element name
-
-