How can I do this elegantly while preserving the separation of presentation and business logic? I.e. I don't want to a lot of java code in the jsp but I also don't want the beans to be responsible for html encoding. Any suggestions?
Originally posted by Marcellus Tryk:
I'm using a html encoding method, but that prevents me from using jsp:getProperty. This seems like it should be a pretty common problem. How can one be confident that a property returned by getProperty is HTML-safe?
You can't, but JSTL's <cut> tag, which effectively replaces <jsp:getProperty>, will automatically encode characters by default, thus making them "HTML-safe." (You can turn off this behavior by using the "escapeXml" attribute.)
See http://java.sun.com/products/jstl for more info on JSTL, a new JCP standard.