When i need to escape Html string?

前端 未结 4 1792
孤独总比滥情好
孤独总比滥情好 2021-02-08 02:36

In my legacy project i can see the usage of escapeHtml before string is sent to browser.

StringEscapeUtils.escapeHtml(stringBody);

I know from

4条回答
  •  逝去的感伤
    2021-02-08 02:56

    you have to escape html or xml when there is a possibility that it might get interpreted along with the page-generated html (read jsp).

    this good question also explains it.

提交回复
热议问题