info.magnolia.util
Class EscapeUtil
java.lang.Object
info.magnolia.util.EscapeUtil
public final class EscapeUtil
- extends Object
Utilities to escaping characters for preventing XSS attack.
This class escapes only & (&), "("), <(<), >(>) and '(') characters. Others characters are left untouched. See rule #1 at XSS_Prevention_Rules.
Use when StringEscapeUtils cannot be used because of escaping more or less character entities.
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
escapeXss
public static String escapeXss(String str)
unescapeXss
public static String unescapeXss(String str)
escapeXss
public static String[] escapeXss(String[] str)
unescapeXss
public static String[] unescapeXss(String[] str)
Copyright © 2003–2014 Magnolia International Ltd.. All rights reserved.