Escape quotes in JavaScript

前端 未结 13 596
不思量自难忘°
不思量自难忘° 2020-11-22 11:39

I\'m outputting values from a database (it isn\'t really open to public entry, but it is open to entry by a user at the company -- meaning, I\'m not worried about XSS).

相关标签:
13条回答
  • 2020-11-22 12:15

    If you're assembling the HTML in Java, you can use this nice utility class from Apache commons-lang to do all the escaping correctly:

    org.apache.commons.lang.StringEscapeUtils
    Escapes and unescapes Strings for Java, Java Script, HTML, XML, and SQL.

    0 讨论(0)
提交回复
热议问题