EscapeUtil (Magnolia Core 5.4.4 API)

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- info.magnolia.util.EscapeUtil

```
public final class EscapeUtil
extends Object
```
Utilities to escaping characters for preventing XSS attack.

This class escapes only & (&), "("), <(<), >(>) and '(') characters. Others characters are left untouched. See rule #1 at XSS_Prevention_Rules.

Use when StringEscapeUtils cannot be used because of escaping more or less character entities.

Method Summary

Methods
Modifier and Type	Method and Description
`static String`	`escapeXss(String str)`
`static String[]`	`escapeXss(String[] str)`
`static String`	`unescapeXss(String str)`
`static String[]`	`unescapeXss(String[] str)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

escapeXss

public static String escapeXss(String str)

unescapeXss

public static String unescapeXss(String str)

escapeXss

public static String[] escapeXss(String[] str)

unescapeXss

public static String[] unescapeXss(String[] str)

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Copyright © 2003–2016 Magnolia International Ltd.. All rights reserved.