Struts 1.2 - when I enter greater lesser symbol html:text texbox it's getting rendered as <>

When i enter <>() it's saving as <>

I am using struts 1.2 where html:text is been used for getting the values from the UI
when I search in google they said problem releated character encoding

How i need to rectify

What I need to set in the jsp.
Please help me

josuva moorthy wrote:When i enter <>() it's saving as <>

I'm not sure what you mean by "saving" or why that's the same as "getting rendered" from your post title -- perhaps you could explain what it is you're looking at where you see this changed data.

However it's perfectly normal for systems which accept input which is going to be redisplayed later within an HTML document to escape that input, so that it can't be used as part of a security exploit. In other words, instead of just redisplaying it as HTML data which will be rendered by the browser, possibly with evil effects, it is transformed so that it appears as text which represents the markup which was input. That's why the Struts element is called "html:text" -- because it's used to input text which may be displayed in HTML.

when I search in google they said problem releated character encoding

Unfortunately you stumbled across a post by somebody who had no idea what they were talking about.

How i need to rectify

I don't think there's anything to be rectified.

Thanks for the reply

The problem what I am facing is

1. In UI when I am giving input as "Jos<>()" field and click update it's getting updated
But when I am see the updated screen the " Jos& lt;& gt;& #40;& #41;"


Technology used is Struts 1.2

I am not aware what to do

Hi Moorthy,
It is true that for security pupose Struts convert < to < but what you are seeing in the response is with with space "& lt;". This implies that there is some encoding being performed in your application (may be a request/response wrapper OR would have modified the struts code itself ) Check out your security framework.

Thanks for the reply

Shankar Tanikella wrote:Hi Moorthy,
It is true that for security pupose Struts convert < to < but what you are seeing in the response is with with space "& lt;". This implies that there is some encoding being performed in your application (may be a request/response wrapper OR would have modified the struts code itself ) Check out your security framework.

what I need to check in security framework .I am not aware of it.
This is the code

<%@ taglib uri="/WEB-INF/struts-html.tld" prefix="html" %>

<html:text styleClass="text" name="CardForm"
property="lastName"
maxlength="20" styleId="lastName"/>

When I enter <> symbol in textbox it's been changed to & lt; and & gt;