|
Escapes and unescapes Strings for Java, Java Script, HTML, XML, and SQL. Constructor Detailpublic StringEscapeUtils() StringEscapeUtils instances should NOT be constructed in standard programming. Instead, the class should be used as: StringEscapeUtils.escapeJava("foo"); This constructor is public to permit tools that require a JavaBean instance to operate. Method Detailpublic static java.lang.String escapeJava(java.lang.String str) Escapes the characters in a String using Java String rules. Deals correctly with quotes and control-chars (tab, backslash, cr, ff, etc.). So a tab becomes the characters '\\' and 't'. The only difference between Java strings and JavaScript strings is that in JavaScript, a single quote must be escaped. Example: input string: He didn't say, "Stop!" output string: He didn't say, \"Stop!\" Parameters: strString to escape values in, may be null Returns: String with escaped values, null if null string input public static void escapeJava(java.io.Writer out, java.lang.String str) throws java.io.IOException Escapes the characters in a String using Java String rules to a Writer. A null string input has no effect. Parameters: outWriter to write escaped string into strString to escape values in, may be null Throws: java.lang.IllegalArgumentExceptionif the Writer is null java.io.IOExceptionif error occurs on underlying Writer See Also: escapeJava(java.lang.String) public static java.lang.String escapeJavaScript(java.lang.String str) Escapes the characters in a String using JavaScript String rules. Escapes any values it finds into their JavaScript String form. Deals correctly with quotes and control-chars (tab, backslash, cr, ff, etc.). So a tab becomes the characters '\\' and 't'. The only difference between Java strings and JavaScript strings is that in JavaScript, a single quote must be escaped. Example: input string: He didn't say, "Stop!" output string: He didn\'t say, \"Stop!\" Parameters: strString to escape values in, may be null Returns: String with escaped values, null if null string input
Escapes the characters in a String using JavaScript String rules to a Writer. A null string input has no effect. Parameters: outWriter to write escaped string into strString to escape values in, may be null Throws: java.lang.IllegalArgumentExceptionif the Writer is null java.io.IOExceptionif error occurs on underlying Writer See Also: escapeJavaScript(java.lang.String) public static java.lang.String unescapeJava(java.lang.String str) Unescapes any Java literals found in the String. For example, it will turn a sequence of '\' and 'n' into a newline character, unless the '\' is preceded by another '\'. Parameters: strthe String to unescape, may be null Returns: a new unescaped String, null if null string input
Unescapes any Java literals found in the String to a Writer. For example, it will turn a sequence of '\' and 'n' into a newline character, unless the '\' is preceded by another '\'. A null string input has no effect. Parameters: outthe Writer used to output unescaped characters strthe String to unescape, may be null Throws: java.lang.IllegalArgumentExceptionif the Writer is null java.io.IOExceptionif error occurs on underlying Writer public static java.lang.String unescapeJavaScript(java.lang.String str) Unescapes any JavaScript literals found in the String. For example, it will turn a sequence of '\' and 'n' into a newline character, unless the '\' is preceded by another '\'. Parameters: strthe String to unescape, may be null Returns: A new unescaped String, null if null string input See Also: unescapeJava(String)
Unescapes any JavaScript literals found in the String to a Writer. For example, it will turn a sequence of '\' and 'n' into a newline character, unless the '\' is preceded by another '\'. A null string input has no effect. Parameters: outthe Writer used to output unescaped characters strthe String to unescape, may be null Throws: java.lang.IllegalArgumentExceptionif the Writer is null java.io.IOExceptionif error occurs on underlying Writer See Also: unescapeJava(Writer,String) public static java.lang.String escapeHtml(java.lang.String str) Escapes the characters in a String using HTML entities. For example: "bread" & "butter" => "bread" & "butter". Supports all known HTML 4.0 entities, including funky accents. Parameters: strthe String to escape, may be null Returns: a new escaped String, null if null string input See Also: unescapeHtml(String), ISO Entities, HTML 3.2 Character Entities for ISO Latin-1, HTML 4.0 Character entity references, HTML 4.01 Character References, HTML 4.01 Code positions public static java.lang.String unescapeHtml(java.lang.String str) Unescapes a string containing entity escapes to a string containing the actual Unicode characters corresponding to the escapes. Supports HTML 4.0 entities. For example, the string "<Français>" will become "<Français>" If an entity is unrecognized, it is left alone, and inserted verbatim into the result string. e.g. ">&zzzz;x" will become ">&zzzz;x". Parameters: strthe String to unescape, may be null Returns: a new unescaped String, null if null string input See Also: escapeHtml(String) public static java.lang.String escapeXml(java.lang.String str) Escapes the characters in a String using XML entities. For example: "bread" & "butter" => "bread" & "butter". Supports only the four basic XML entities (gt, lt, quot, amp). Does not support DTDs or external entities. Parameters: strthe String to escape, may be null Returns: a new escaped String, null if null string input See Also: unescapeXml(java.lang.String) public static java.lang.String unescapeXml(java.lang.String str) Unescapes a string containing XML entity escapes to a string containing the actual Unicode characters corresponding to the escapes. Supports only the four basic XML entities (gt, lt, quot, amp). Does not support DTDs or external entities. Parameters: strthe String to unescape, may be null Returns: a new unescaped String, null if null string input See Also: escapeXml(String) public static java.lang.String escapeSql(java.lang.String str) Escapes the characters in a String to be suitable to pass to an SQL query. For example, statement.executeQuery("SELECT * FROM MOVIES WHERE TITLE='" + StringEscapeUtils.escapeSql("McHale's Navy") + "'"); At present, this method only turns single-quotes into doubled single-quotes ("McHale's Navy" => "McHale's Navy"). It does not handle the cases of percent (%) or underscore (_) for use in LIKE clauses. see http://www.jguru.com/faq/view.jsp?EID=8881 Parameters: strthe string to escape, may be null Returns: a new String, escaped for SQL, null if null string input |
|