• Post Reply Bookmark Topic Watch Topic
  • New Topic

utf8_encode and htmlentities equivalent

 
Jennifer O'Donnell
Greenhorn
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I'm coming from a PHP background and there, to be secure, they recommend encoding all user input that will be printed out to screen to utf8 and then call htmlentities() to render things like brackets to that they will display correctly and not allow any scripts to be executed. Does JSP have an equivalent built in? If not, how would I do this in JSP?
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 65530
108
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Using the <cut> JSTL tag to emit untrusted output will automatically escape the output.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!