在纯 Java 中转义 HTML 符号的推荐方法是什么? [英] What is the recommended way to escape HTML symbols in plain Java?

问题描述

是否有推荐的方法来转义 <、>、" 和 & 字符以纯 Java 代码输出 HTML?(除了手动执行以下操作).

Is there a recommended way to escape <, >, " and & characters when outputting HTML in plain Java code? (Other than manually doing the following, that is).

String source = "The less than sign (<) and ampersand (&) must be escaped before using them in HTML";
String escaped = source.replace("<", "&lt;").replace("&", "&amp;"); // ...

推荐答案

StringEscapeUtils 来自 Apache Commons Lang:

import static org.apache.commons.lang.StringEscapeUtils.escapeHtml;
// ...
String source = "The less than sign (<) and ampersand (&) must be escaped before using them in HTML";
String escaped = escapeHtml(source);

对于 第 3 版:

import static org.apache.commons.lang3.StringEscapeUtils.escapeHtml4;
// ...
String escaped = escapeHtml4(source);

这篇关于在纯 Java 中转义 HTML 符号的推荐方法是什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！