• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Escape XML special characters?

 
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi friends,

How can I escape XML special characters like &, ', >, <... in XML element's body text?
I am using org.w3c.dom.* packages, however I could not found any utility class that does what I need. Escape special characters is common task so I cannot believe it is not part of standard Java XML.

Any idea?
 
Ranch Hand
Posts: 734
7
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Apache commons...
http://commons.apache.org/lang/api-2.4/org/apache/commons/lang/StringEscapeUtils.html
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
IMO, a better approach would be to put data that can contain such characters into CDATA sections. One benefit of that would be that it is clear that the data contains "&", and not "&amp;" - otherwise that may not be obvious to someone who processes that XML.
 
g tsuji
Ranch Hand
Posts: 734
7
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It is just as well for me too.
 
Marshal
Posts: 28193
95
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Just a comment: if you're using the org.w3c.dom packages, then generally speaking you don't need to concern yourself with escaping those characters. For example

is perfectly legitimate and you don't need to escape that ampersand. Escaping only applies when an XML document is serialized to an external format -- i.e. a text file -- not when it is in an in internal format like that. If you stick to using only XML code in the standard API, for example using a Transformer to serialize your DOM, that escaping is taken care for you by that code. (And that's why the standard API doesn't include a method to do the escaping on a string.) You only need to deal with escaping when you are writing serialization code, for example if you're doing something like

If you did that, then you would have to apply the escaping rules to the string in the "name" variable.
 
Minh Nam
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks guys for your replies.

Paul Clapham wrote:If you stick to using only XML code in the standard API, for example using a Transformer to serialize your DOM, that escaping is taken care for you by that code.



Actually I am using a Transformer to convert the Document object to String representation of XML. The output String will be passed to a javascript function by the following code:



So I want to escape any characters from the source XML that may break the Javascript.eval() method call.
 
Paul Clapham
Marshal
Posts: 28193
95
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Minh Nam wrote:Actually I am using a Transformer to convert the Document object to String representation of XML. The output String will be passed to a javascript function by the following code:



So I want to escape any characters from the source XML that may break the Javascript.eval() method call.



The XML which was output by the Transformer will have the correct escaping already. Are you asking this question because you actually encountered a problem? The only problem that I can see is that you might have to do Javascript escaping if the source XML contains apostrophes.
 
Minh Nam
Ranch Hand
Posts: 57
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Paul Clapham wrote:

Minh Nam wrote:
The XML which was output by the Transformer will have the correct escaping already. Are you asking this question because you actually encountered a problem? The only problem that I can see is that you might have to do Javascript escaping if the source XML contains apostrophes.



Yes, I encountered a problem with the apostrophes, so I may do a simple escaping without using any external libraries.

Thanks a lot for sharing your experience.

 
reply
    Bookmark Topic Watch Topic
  • New Topic