List of usage examples for org.apache.commons.lang3 StringEscapeUtils escapeHtml4
public static final String escapeHtml4(final String input)
Escapes the characters in a String using HTML entities.
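For example:
"bread" & "butter"
becomes:
&quot;bread&quot; &amp; &quot;butter&quot;
.
Note that escapeHtml4 leaves the apostrophe (') unescaped, so its output is suited to HTML element content and double-quoted attribute values, not to single-quoted attributes, script blocks or URLs.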
From source file:net.andydvorak.intellij.lessc.fs.LessFile.java
/** * Similar to {@link #getCanonicalPath()}, but falls back to returning {@link #getAbsolutePath()} instead of throwing an {@link IOException}. * Any HTML Entities in the resulting path will be escaped (encoded) so that the path is safe to insert into HTML code. * @return the canonical, HTML-encoded path to the {@code File} if it exists; otherwise the absolute path *///from w w w .j a v a 2 s . co m public String getCanonicalPathSafeHtmlEscaped() { return StringEscapeUtils.escapeHtml4(getCanonicalPathSafe()); }
From source file:com.primeleaf.krystal.web.view.cpanel.RecycleBinContentView.java
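/**
 * Renders the recycle-bin listing for one document class.
 *
 * <p>Reads the {@code DOCUMENTLIST} and {@code DOCUMENTCLASS} request attributes, prints any
 * pending error/success banner, then writes a table with one row per deleted document, or a
 * placeholder panel when the list is empty.
 *
 * <p>Every value that originates from stored data and is written as text or into a
 * double-quoted attribute is passed through {@link StringEscapeUtils#escapeHtml4(String)}.
 * The user name and the file extension were previously written raw; both are stored values
 * and are now encoded like the class name and description.
 *
 * @throws Exception declared by the signature; exceptions raised while rendering the panel
 *         are caught below and only printed
 */
@SuppressWarnings("unchecked")
private void printRecycleBinContent() throws Exception {
    printBreadCrumbs();
    if (request.getAttribute(HTTPConstants.REQUEST_ERROR) != null) {
        printErrorDismissable((String) request.getAttribute(HTTPConstants.REQUEST_ERROR));
    }
    if (request.getAttribute(HTTPConstants.REQUEST_MESSAGE) != null) {
        printSuccessDismissable((String) request.getAttribute(HTTPConstants.REQUEST_MESSAGE));
    }
    try {
        ArrayList<Document> documentList = (ArrayList<Document>) request.getAttribute("DOCUMENTLIST");
        DocumentClass documentClass = (DocumentClass) request.getAttribute("DOCUMENTCLASS");
        out.println("<div class=\"panel panel-default\">");
        out.println("<div class=\"panel-heading\">");
        out.println("<div class=\"row\">");
        out.println("<div class=\"col-sm-6\">");
        out.println("<h4><i class=\"fa fa-lg fa-trash-o\"></i> ");
        out.println(StringEscapeUtils.escapeHtml4(documentClass.getClassName()) + " - ");
        out.println(
                "<small>" + StringEscapeUtils.escapeHtml4(documentClass.getClassDescription()) + "</small>");
        out.println("</div>"); // col-sm-6
        out.println("<div class=\"col-sm-6 text-right\">");
        out.println("<h4><i class=\"fa fa-file \"></i> View Documents</h4>");
        out.println("</div>"); // col-sm-6
        out.println("</div>"); // row
        out.println("</div>"); // panel-heading
        if (documentList.size() > 0) {
            out.println("<div class=\"table-responsive\">");
            out.println("<table class=\"table table-condensed table-stripped\">");
            out.println("<thead>");
            out.println("<tr>");
            out.println("<th> </td>");
            out.println("<th class=\"text-center\">Document ID</th>");
            out.println("<th>Last Modified On</th>");
            out.println("<th>Last Modified By</th>");
            out.println("<th>Expiry On</th>");
            out.println("<th class=\"text-center\">Action</th>");
            out.println("</tr>");
            out.println("</thead>");
            out.println("<tbody>");
            for (Document document : documentList) {
                // NOTE(review): the column is labelled "Last Modified By" but the lookup uses
                // getCreatedBy(); confirm which user is intended. A missing user would raise a
                // NullPointerException below and abort the table mid-row - verify the DAO contract.
                User user = UserDAO.getInstance().readUserByName(document.getCreatedBy());
                // The extension comes from the stored document, so encode it before it reaches
                // the title attribute.
                String extension = document.getExtension().toUpperCase();
                out.println("<tr>");
                // NOTE(review): the icon file name returned by StringHelper is written into the
                // src attribute as-is; confirm the helper only returns fixed, known names.
                out.println("<td><a href=\"/console/viewdocument?documentid=" + document.getDocumentId()
                        + "&revisionid=" + document.getRevisionId() + "\" title=\"" + "View Document"
                        + "\" target=\"_new\"><img src=\"" + HTTPConstants.BASEURL + "/images/"
                        + StringHelper.getIconFileNameForExtension(extension)
                        + ".gif\"\" class=\"img-icon\" title=\"" + StringEscapeUtils.escapeHtml4(extension)
                        + "\"></td>");
                out.println("<td class=\"text-center\">" + document.getDocumentId() + "</td>");
                out.println("<td>" + StringHelper.formatDate(document.getModified()) + "</td>");
                // User names are account data; encode them as EditUserView does.
                out.println("<td>" + StringEscapeUtils.escapeHtml4(user.getUserName()) + "</td>");
                if (document.getExpiry() != null) {
                    out.println("<td>"
                            + StringHelper.formatDate(document.getExpiry(), ServerConstants.FORMAT_SHORT_DATE)
                            + "</td>");
                } else {
                    out.println("<td> </td>");
                }
                out.println("<td class=\"text-center\">");
                // NOTE(review): restore and purge are plain GET links. Confirm the handlers
                // enforce authorisation and an anti-CSRF token, or move them to POST forms.
                out.println("<a href=\"" + HTTPConstants.BASEURL + "/cpanel/restoredocument?documentid="
                        + document.getDocumentId() + "&revisionid=" + document.getRevisionId() + "&classid="
                        + documentClass.getClassId()
                        + "&mode=R\" title=\"Restore Document\">Restore Document</a>");
                out.println(" | <a href=\"" + HTTPConstants.BASEURL + "/cpanel/purgedocument?documentid="
                        + document.getDocumentId()
                        + "\" class=\"confirm\" title=\"Are you sure, you want to permanently delete this document?\">Delete Document</a>");
                out.println("</td>");
                out.println("</tr>");
            } // for
            out.println("</tbody>");
            out.println("</table>");
            out.println("</div>");
        } else {
            out.println("<div class=\"panel-body\">");
            out.println("There are no documents currrently available.");
            out.println("</div>"); // panel-body
        }
        out.println("</div>"); // panel
    } catch (Exception ex) {
        // Kept as best-effort rendering: a failure leaves a partially written page and the
        // stack trace on stderr only. NOTE(review): route this to the application logger.
        ex.printStackTrace();
    }
}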
From source file:com.google.template.soy.i18ndirectives.FormatNumDirective.java
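/**
 * Formats a numeric Soy value for the configured locale and HTML-escapes the result.
 *
 * <p>The optional first argument selects the format: {@code decimal} (the default when no
 * argument is given), {@code percent}, {@code currency} or {@code scientific}.
 *
 * <p>The formatted text is passed through {@link StringEscapeUtils#escapeHtml4(String)}
 * before being wrapped, so locale-specific characters that have HTML 4 entities (for
 * example a no-break space used as a separator) come back as entities.
 *
 * @param value the value to format; its string form is parsed as a float
 * @param args directive arguments; element 0, when present, is the format type
 * @return the escaped, formatted number as Soy data
 * @throws IllegalArgumentException if the format type is not one of the four listed above
 */
@Override
public SoyData apply(SoyData value, List<SoyData> args) {
    Locale locale = I18nUtils.parseLocale(localeStringProvider.get());
    NumberFormat instance;
    String formatType = args.isEmpty() ? "decimal" : args.get(0).stringValue();
    if (formatType.equals("decimal")) {
        instance = NumberFormat.getInstance(locale);
    } else if (formatType.equals("percent")) {
        instance = NumberFormat.getPercentInstance(locale);
    } else if (formatType.equals("currency")) {
        instance = NumberFormat.getCurrencyInstance(locale);
    } else if (formatType.equals("scientific")) {
        instance = NumberFormat.getScientificInstance(locale);
    } else {
        // String.format uses %s placeholders; the previous "{0}" is MessageFormat syntax and
        // was printed literally, so the offending value never appeared in the message.
        throw new IllegalArgumentException(
                String.format("Unrecognized Number Format Type: %s", formatType));
    }
    // NOTE(review): parsing through float limits the input to roughly seven significant
    // digits before formatting; confirm that is acceptable for currency values.
    return toSoyData(
            StringEscapeUtils.escapeHtml4(instance.format(Float.parseFloat(value.stringValue()))));
}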
From source file:com.primeleaf.krystal.web.view.cpanel.EditUserView.java
/**
 * Writes the "Edit User" form for the {@code USER} request attribute.
 *
 * <p>The form posts to {@code /cpanel/edituser} and is pre-filled with the user's name,
 * real name, e-mail address, description, active flag and user type. The four free-text
 * values are encoded with {@link StringEscapeUtils#escapeHtml4(String)} and written inside
 * double-quoted {@code value} attributes, which is the context that encoder covers (it does
 * not escape the apostrophe, so the double quotes around the attribute matter).
 *
 * @throws Exception declared by the signature; exceptions raised while writing the form are
 *         caught below and only printed
 */
private void printEditUserForm() throws Exception {
    printBreadCrumbs();
    // NOTE(review): no null check on the attribute; a missing USER surfaces as a
    // NullPointerException inside the try block and is swallowed by the catch.
    User user = (User) request.getAttribute("USER");
    try {
        out.println("<div class=\"panel panel-default\">");
        out.println("<div class=\"panel-heading\"><h4><i class=\"fa fa-user fa-lg\"></i> Edit User</h4></div>");
        out.println("<div class=\"panel-body\">");
        // NOTE(review): no anti-CSRF field is written by this method; confirm the
        // /cpanel/edituser handler is protected some other way.
        out.println(
                "<form action=\"/cpanel/edituser\" method=\"post\" id=\"frmEditUser\" class=\"form-horizontal\" accept-charset=\"utf-8\">");
        out.println("<div class=\"form-group\">");
        out.println("<div class=\"col-sm-offset-3 col-sm-9\">");
        out.println("<p>Fields marked with <span style='color:red'>*</span> are mandatory</p>");
        out.println("</div>");
        out.println("</div>");

        // User name: read-only in the browser, encoded for the double-quoted attribute.
        out.println("<div class=\"form-group\">");
        out.println(
                "<label for=\"txtUserName\" class=\"col-sm-3 control-label\">User Name <span style='color:red'>*</span></label>");
        out.println("<div class=\"col-sm-9\">");
        out.println(
                "<input type=\"text\" id=\"txtUserName\" name=\"txtUserName\" class=\"required form-control\" title=\"Please enter User Name\" maxlength=\"15\" readonly value=\""
                        + StringEscapeUtils.escapeHtml4(user.getUserName()) + "\">");
        out.println("</div>");
        out.println("</div>");

        // Real name.
        out.println("<div class=\"form-group\">");
        out.println(
                "<label for=\"txtRealName\" class=\"col-sm-3 control-label\">Real Name <span style='color:red'>*</span></label>");
        out.println("<div class=\"col-sm-9\">");
        out.println(
                "<input type=\"text\" id=\"txtRealName\" name=\"txtRealName\" class=\"required form-control\" title=\"Please enter Real Name\" maxlength=\"50\" value=\""
                        + StringEscapeUtils.escapeHtml4(user.getRealName()) + "\">");
        out.println("</div>");
        out.println("</div>");

        // E-mail address.
        out.println("<div class=\"form-group\">");
        out.println(
                "<label for=\"txtUserEmail\" class=\"col-sm-3 control-label\">Email ID <span style='color:red'>*</span></label>");
        out.println("<div class=\"col-sm-9\">");
        out.println(
                "<input type=\"text\" id=\"txtUserEmail\" name=\"txtUserEmail\" class=\"required form-control email\" title=\"Please enter valid Email ID\" maxlength=\"50\" value=\""
                        + StringEscapeUtils.escapeHtml4(user.getUserEmail()) + "\">");
        out.println("</div>");
        out.println("</div>");

        // Description.
        out.println("<div class=\"form-group\">");
        out.println(
                "<label for=\"txtDescription\" class=\"col-sm-3 control-label\">Description <span style='color:red'>*</span> </label>");
        out.println("<div class=\"col-sm-9\">");
        out.println(
                "<input type=\"text\" id=\"txtDescription\" name=\"txtDescription\" maxlength=\"50\" class=\"form-control required\" title=\"Please enter Description\" value=\""
                        + StringEscapeUtils.escapeHtml4(user.getUserDescription()) + "\">");
        out.println("</div>");
        out.println("</div>");

        // Active flag: the matching radio button gets " active" on its label and " checked"
        // on the input. The class attribute and the input tag are left open by println and
        // closed by the following print, so the statement order here must not change.
        out.println("<div class=\"form-group\">");
        out.println("<label for=\"radActive\" class=\"col-sm-3 control-label\">Active?</label>");
        out.println("<div class=\"btn-group col-sm-9\" data-toggle=\"buttons\">");
        out.println("<label class=\"btn btn-sm btn-default ");
        if (user.isActive()) {
            out.print(" active");
        }
        out.print("\">");
        out.println("<input type=\"radio\" id=\"radActive1\" name=\"radActive\" value=\"Y\"");
        if (user.isActive()) {
            out.print(" checked");
        }
        out.print(">Yes");
        out.println("</label>");
        out.println("<label class=\"btn btn-sm btn-default ");
        if (!user.isActive()) {
            out.print(" active");
        }
        out.print("\">");
        out.println("<input type=\"radio\" id=\"radActive2\" name=\"radActive\" value=\"N\"");
        if (!user.isActive()) {
            out.print(" checked");
        }
        out.print(">No");
        out.println("</label>");
        out.println("</div>");
        out.println("</div>");

        // User type: same open-tag/close-tag pattern as the active flag. The radio values are
        // the User.USER_TYPE_* constants, not request data.
        // NOTE(review): the role is chosen client-side; the handler must check that the
        // caller is allowed to grant the administrator type.
        out.println("<div class=\"form-group\">");
        out.println("<label for=\"radUserType\" class=\"col-sm-3 control-label\">User Type</label>");
        out.println("<div class=\"btn-group col-sm-9\" data-toggle=\"buttons\">");
        out.println("<label class=\"btn btn-sm btn-default ");
        if (User.USER_TYPE_ADMIN.equalsIgnoreCase(user.getUserType())) {
            out.print(" active");
        }
        out.print("\">");
        out.println("<input type=\"radio\" id=\"radUserType1\" name=\"radUserType\" value=\"" + User.USER_TYPE_ADMIN + "\"");
        if (User.USER_TYPE_ADMIN.equalsIgnoreCase(user.getUserType())) {
            out.print(" checked");
        }
        out.print(">Administrator");
        out.println("</label>");
        out.println("<label class=\"btn btn-sm btn-default ");
        if (User.USER_TYPE_USER.equalsIgnoreCase(user.getUserType())) {
            out.print(" active");
        }
        out.print("\">");
        out.println("<input type=\"radio\" id=\"radUserType2\" name=\"radUserType\" value=\"" + User.USER_TYPE_USER + "\"");
        if (User.USER_TYPE_USER.equalsIgnoreCase(user.getUserType())) {
            out.print(" checked");
        }
        out.print(">User");
        out.println("</label>");
        out.println("</div>");
        out.println("</div>");
        out.println("<hr/>");

        // Hidden user id plus submit button.
        // NOTE(review): the id travels through the browser, so the handler has to treat it as
        // untrusted and re-check that the caller may edit that account.
        out.println("<div class=\"form-group\">");
        out.println("<div class=\"col-sm-offset-3 col-sm-9\">");
        out.println("<input type=\"hidden\" name=\"userid\" value=\"" + user.getUserId() + "\">");
        out.println(
                "<input type=\"submit\" name=\"btnSubmit\" value=\"Submit\" class=\"btn btn-sm btn-default\">");
        out.println("</div>");
        out.println("</div>");
        out.println("</form>");
        out.println("</div>");
        out.println("</div>");
        out.println("</div>");
    } catch (Exception e) {
        // Failures leave a partially written form; the trace goes to stderr only.
        e.printStackTrace();
    }
}
From source file:net.sf.eclipsefp.haskell.ui.internal.editors.haskell.HaskellTextHover.java
/**
 * Converts plain hover text into an HTML fragment.
 *
 * <p>The text is HTML-escaped first and only then decorated with markup, so the
 * {@code <br/>} and {@code <nobr>} tags added here are the only tags in the result. Line
 * breaks (the platform separator, then bare {@code \n} and {@code \r}) become
 * {@code <br/>}, and each resulting line is wrapped in its own {@code <nobr>} element.
 *
 * @param txt the raw text; passed straight to the escaper without a null check
 * @return the HTML fragment
 */
private static String toHTMLString(final String txt) {
    final String escaped = StringEscapeUtils.escapeHtml4(txt);
    // Order matters: the platform separator may be a two-character sequence and has to be
    // replaced before the single-character fallbacks.
    final String withBreaks = escaped
            .replace(PlatformUtil.NL, "<br/>")
            .replace("\n", "<br/>")
            .replace("\r", "<br/>")
            // NOTE(review): as shown here this replaces a space with a space; the upstream
            // file presumably substitutes a non-breaking-space entity that was decoded when
            // the page was extracted - confirm against the original source.
            .replace(" ", " ");
    return "<nobr>" + withBreaks.replace("<br/>", "</nobr><br/><nobr>") + "</nobr>";
}
From source file:com.aistor.common.web.BaseController.java
/**
 * Initialises data binding for this controller.
 *
 * <ol>
 *   <li>Every bound {@code String} is trimmed and HTML-encoded with
 *       {@link StringEscapeUtils#escapeHtml4(String)} as an XSS mitigation.</li>
 *   <li>{@code Date} properties are parsed from their text form via {@code DateUtils}.</li>
 * </ol>
 *
 * <p>NOTE(review): encoding at bind time stores entity-encoded text, so values can end up
 * double-encoded when a view encodes again, and the stored form is only correct for HTML
 * element content and double-quoted attributes (the apostrophe is left as-is). Encoding at
 * output time, per context, is the more robust control; treat this binder as defence in
 * depth rather than the only XSS protection.
 *
 * @param binder the binder to register the editors on
 */
@InitBinder
protected void initBinder(WebDataBinder binder) {
    // String editor: HTML-encode on the way in, plain toString() on the way out.
    final PropertyEditorSupport htmlEncodingStringEditor = new PropertyEditorSupport() {
        @Override
        public void setAsText(String text) {
            if (text == null) {
                setValue(null);
                return;
            }
            setValue(StringEscapeUtils.escapeHtml4(text.trim()));
        }

        @Override
        public String getAsText() {
            final Object current = getValue();
            if (current == null) {
                return "";
            }
            return current.toString();
        }
    };

    // Date editor: text is handed to the project's DateUtils parser.
    final PropertyEditorSupport dateEditor = new PropertyEditorSupport() {
        @Override
        public void setAsText(String text) {
            setValue(DateUtils.parseDate(text));
        }
    };

    binder.registerCustomEditor(String.class, htmlEncodingStringEditor);
    binder.registerCustomEditor(Date.class, dateEditor);
}
From source file:controller.AppController.java
/**
 * Handles {@code GET /province} and returns the province list from {@code DBHelper} as the
 * response body, HTML-escaped with {@link StringEscapeUtils#escapeHtml4(String)}.
 *
 * <p>NOTE(review): the whole payload is escaped as one string. If the helper returns a
 * serialised structure (JSON, for instance - not visible from here), its quotes and
 * ampersands are rewritten as entities and clients must decode them again; encoding the
 * individual values where they are placed into HTML would keep the payload intact.
 *
 * @return the escaped province data
 */
@RequestMapping(value = "/province", method = RequestMethod.GET)
public @ResponseBody String getAllProvinces() {
    return StringEscapeUtils.escapeHtml4(DBHelper.getInstance().getAllProvinces());
}
From source file:com.sonicle.webtop.mail.Mailcard.java
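/**
 * Fills the mailcard template placeholders with the user's personal information.
 *
 * <p>Each value is HTML-escaped with {@link StringEscapeUtils#escapeHtml4(String)} (a
 * {@code null} value becomes the empty string) and substituted for every match of the
 * corresponding {@code PATTERN_*} constant.
 *
 * <p>The values are inserted as literal text. {@code replaceAll} interprets {@code $} and
 * {@code \} in its replacement argument as group references and escapes, and HTML escaping
 * leaves both characters alone, so a company name such as {@code "A$1"} used to either
 * fail the call or pull matched text into the output. Values are now wrapped with
 * {@code Matcher.quoteReplacement} first. (This assumes the {@code PATTERN_*} constants
 * are {@code java.util.regex.Pattern} instances, which their use here suggests.)
 *
 * @param html the template markup
 * @param personalInfo the user's details; when {@code null} the template is returned as is
 * @return the markup with the placeholders replaced
 */
public static String replaceTemplateFields(String html, UserProfile.PersonalInfo personalInfo) {
    if (personalInfo != null) {
        html = PATTERN_TITLE.matcher(html).replaceAll(toLiteralHtml(personalInfo.getTitle()));
        html = PATTERN_FIRST_NAME.matcher(html).replaceAll(toLiteralHtml(personalInfo.getFirstName()));
        html = PATTERN_LAST_NAME.matcher(html).replaceAll(toLiteralHtml(personalInfo.getLastName()));
        html = PATTERN_COMPANY.matcher(html).replaceAll(toLiteralHtml(personalInfo.getCompany()));
        html = PATTERN_FUNCTION.matcher(html).replaceAll(toLiteralHtml(personalInfo.getFunction()));
        html = PATTERN_WORK_EMAIL.matcher(html).replaceAll(toLiteralHtml(personalInfo.getEmail()));
        html = PATTERN_WORK_MOBILE.matcher(html).replaceAll(toLiteralHtml(personalInfo.getMobile()));
        html = PATTERN_WORK_TELEPHONE.matcher(html).replaceAll(toLiteralHtml(personalInfo.getTelephone()));
        html = PATTERN_WORK_FAX.matcher(html).replaceAll(toLiteralHtml(personalInfo.getFax()));
        html = PATTERN_CUSTOM_1.matcher(html).replaceAll(toLiteralHtml(personalInfo.getCustom01()));
        html = PATTERN_CUSTOM_2.matcher(html).replaceAll(toLiteralHtml(personalInfo.getCustom02()));
        html = PATTERN_CUSTOM_3.matcher(html).replaceAll(toLiteralHtml(personalInfo.getCustom03()));
    }
    return html;
}

/** HTML-escapes a field value (null becomes "") and quotes it for use as a literal regex replacement. */
private static String toLiteralHtml(String value) {
    final String escaped = StringUtils.defaultString(StringEscapeUtils.escapeHtml4(value));
    // Fully qualified so the block does not depend on an import that is not visible here.
    return java.util.regex.Matcher.quoteReplacement(escaped);
}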
From source file:com.esri.gpt.catalog.arcgis.metadata.AGSInterrogator.java
/**
 * Works out the SOAP endpoint of an ArcGIS Server services catalog from its REST endpoint
 * and stores it on the target.
 *
 * <p>Nothing happens when the target has no REST URL. Otherwise, if no SOAP URL is set yet,
 * a URL ending in {@code rest/services} is first rewritten by dropping the {@code /rest}
 * segment and the guess is verified with {@code pingCatalogWsdl}; if that does not produce
 * an endpoint, the one-argument {@code determineSoapUrl(restUrl)} overload is tried.
 *
 * <p>URLs written to the log go through {@code Val.stripControls} and then
 * {@link StringEscapeUtils#escapeHtml4(String)}. Removing control characters is what keeps
 * a crafted URL from forging extra log lines; the HTML encoding only matters where the log
 * is rendered as HTML. NOTE(review): the message of the final {@code IOException} embeds
 * the REST URL without either step - confirm where that message is displayed.
 *
 * @throws IOException if no SOAP endpoint could be determined
 */
private void determineSoapUrl() throws IOException {
    final String restUrl = this.target.getRestUrl();
    if ((restUrl == null) || restUrl.isEmpty()) {
        return;
    }

    // First attempt: derive the endpoint from the URL shape, which is usually right.
    if (((this.target.getSoapUrl() == null) || this.target.getSoapUrl().isEmpty())
            && restUrl.toLowerCase().endsWith("rest/services")) {
        // ".../rest/services" -> "..." + "/services"
        final String prefix = restUrl.substring(0, restUrl.length() - 14);
        final String servicesSuffix = restUrl.substring(restUrl.length() - 9);
        final String soapEndpoint = prefix + servicesSuffix;
        try {
            final String validated = this.pingCatalogWsdl(soapEndpoint);
            this.target.setSoapUrl(validated);
            final String msg = "ArcGIS services catalog soap url guessed from rest url:"
                    + "\n restUrl=" + StringEscapeUtils.escapeHtml4(Val.stripControls(restUrl))
                    + "\n soapUrl="
                    + StringEscapeUtils.escapeHtml4(Val.stripControls(this.target.getSoapUrl()));
            LOGGER.finer(msg);
            return;
        } catch (IOException ioe) {
            // The guess did not answer; log it and fall through to the scrape below.
            final String msg = "ArcGIS services catalog (soap) not found at guessed endpoint:"
                    + "\n restUrl=" + StringEscapeUtils.escapeHtml4(Val.stripControls(restUrl))
                    + "\n soapUrl=" + StringEscapeUtils.escapeHtml4(Val.stripControls(soapEndpoint));
            LOGGER.finest(msg + "\n" + ioe.toString());
        }
    }

    // Second attempt: scrape a SOAP endpoint from the services' HTML pages.
    if ((this.target.getSoapUrl() == null) || this.target.getSoapUrl().isEmpty()) {
        final String scraped = Val.chkStr(this.determineSoapUrl(restUrl));
        if (scraped.length() > 0) {
            this.target.setSoapUrl(scraped);
            final String msg = "ArcGIS services catalog soap url determined from html scrape:"
                    + "\n restUrl=" + StringEscapeUtils.escapeHtml4(Val.stripControls(restUrl))
                    + "\n soapUrl="
                    + StringEscapeUtils.escapeHtml4(Val.stripControls(this.target.getSoapUrl()));
            LOGGER.finer(msg);
            return;
        }
    }

    // Both attempts failed.
    if ((this.target.getSoapUrl() == null) || this.target.getSoapUrl().isEmpty()) {
        final String msg = "Unable to determine ArcGIS Server services directory SOAP endpoint"
                + " associated with REST endpoint: " + restUrl;
        throw new IOException(msg);
    }
}
From source file:com.matthewcasperson.validation.ruleimpl.FailIfContainsHTMLValidationRule.java
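/**
 * {@inheritDoc}
 *
 * <p>Rejects the request when any parameter value changes under
 * {@link StringEscapeUtils#escapeHtml4(String)}, i.e. when it contains a character that
 * encoder rewrites. Depending on the rule's settings, ampersands and the ellipsis are
 * removed and accented characters are decomposed (NFD) before the comparison, so that
 * they do not trigger the rule. The returned array is the input array, unmodified.
 *
 * <p>{@code null} elements are skipped. The null check previously came after the
 * ampersand/accent/ellipsis handling, so a {@code null} value with any of those options
 * enabled raised a {@code NullPointerException} instead of being ignored.
 *
 * <p>Limits of the check: {@code escapeHtml4} does not rewrite the apostrophe, so a value
 * containing {@code '} passes. This rule is an input filter and does not replace
 * context-appropriate output encoding.
 *
 * @throws ValidationFailedException if a value contains characters the HTML encoder rewrites
 */
@Override
public String[] fixParams(final String name, final String url, final String[] params)
        throws ValidationFailedException {
    checkNotNull(name);
    checkArgument(!name.trim().isEmpty());
    checkNotNull(url);
    checkArgument(!url.trim().isEmpty());
    checkNotNull(params);
    checkArgument(params.length != 0, "PVF-BUG-0003: params should always have at least one value");

    for (final String original : params) {
        if (original == null) {
            continue;
        }

        String param = original;
        if (allowAmpersands) {
            param = param.replace("&", "");
        }
        if (allowAccents) {
            param = Normalizer.normalize(param, Normalizer.Form.NFD);
        }
        if (allowEllipsis) {
            param = param.replaceAll(ELLIPSIS, "");
        }

        final String encoded = StringEscapeUtils.escapeHtml4(param);
        if (!encoded.equals(param)) {
            // NOTE(review): the message carries the rejected value and URL verbatim; make
            // sure whatever logs or displays it encodes the text for its own output context.
            throw new ValidationFailedException(
                    "PVF-SECURITY-0001: Parameter found to have special HTML characters.\nNAME: " + name
                            + "\nVALUE: " + param + "\nURL: " + url);
        }
    }
    return params;
}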