5

I have a JSP page which accepts SQL queries, performs them then returns the results in a table. A few of the results occasionally have HTML tags in them i.e. - a result will return:

This is the returned result! I have <br> and <hr> tags!

When this gets put through the code to handle the return and place it into a table it will actually "render" the <br> and <hr> tags as HTML, but I want it to simply show the actual <br> and <hr> tags.

Currently the return is printed using <%=colvalue %>

How can I do this?

Improve this question

5 Answers 5

Reset to default
6

If you're using JSTL, the <c:out> tag escapes what you pass to it by default.

E.g.

<%@ taglib uri="http://java.sun.com/jstl/core" prefix="c" %>
<c:out value="${value}"/>

You can also use the escapeXml el function from the functions taglib

 <%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn"  %>
 ${fn:escapeXml(someVarWithHtmlInIt)}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

Check out this page for a simple method which will escape a string you pass into it: http://www.rgagnon.com/javadetails/java-0306.html

Improve this answer

Comments

1

I have &lt;br&gt; and &lt;hr&gt; tags!

Improve this answer

1 Comment

This will suffer the same problem in getting "rendered" as the tags.
0

You can use the JSTL tag. It has an escapeXML parameter that will do what you want to do.

Improve this answer

Comments

-2

In PHP you would use htmlentities and htmlspecialchars

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.