程序包 cn.taketoday.web.util

类 HtmlUtils

java.lang.Object
cn.taketoday.web.util.HtmlUtils
public abstract class HtmlUtils extends Object
Utility class for HTML escaping.

Escapes and unescapes based on the W3C HTML 4.01 recommendation, handling character entity references.

Reference: https://www.w3.org/TR/html4/charset.html

For a comprehensive set of String escaping utilities, consider Apache Commons Text and its StringEscapeUtils class. We do not use that class here in order to avoid a runtime dependency on Commons Text just for HTML escaping. Furthermore, HTML escaping is more flexible and 100% HTML 4.0 compliant.

从以下版本开始:
4.0
作者:
Juergen Hoeller, Martin Kersten, Craig Andrews

  • 字段详细资料

    • CHARACTER_ENCODING

      static final String CHARACTER_ENCODING
      另请参阅:

    • characterEntityReferences

      private static final HtmlCharacterEntityReferences characterEntityReferences
      Shared instance of pre-parsed HTML character entity references.

  • 构造器详细资料

    • HtmlUtils

      public HtmlUtils()

  • 方法详细资料

    • htmlEscape

      public static String htmlEscape(String input)
      Turn special characters into HTML character references.

      Handles the complete character set defined in the HTML 4.01 recommendation.

      Escapes all special characters to their corresponding entity reference (e.g. <).

      Reference: https://www.w3.org/TR/html4/sgml/entities.html

      参数:
      input - the (unescaped) input string
      返回:
      the escaped string

    • htmlEscape

      public static String htmlEscape(String input, String encoding)
      Turn special characters into HTML character references.

      Handles the complete character set defined in the HTML 4.01 recommendation.

      Escapes all special characters to their corresponding entity reference (e.g. <) at least as required by the specified encoding. In other words, if a special character does not have to be escaped for the given encoding, it may not be.

      Reference: https://www.w3.org/TR/html4/sgml/entities.html

      参数:
      input - the (unescaped) input string
      encoding - the name of a supported charset
      返回:
      the escaped string

    • htmlEscapeDecimal

      public static String htmlEscapeDecimal(String input)
      Turn special characters into HTML character references.

      Handles the complete character set defined in the HTML 4.01 recommendation.

      Escapes all special characters to their corresponding numeric reference in decimal format (&#Decimal;).

      Reference: https://www.w3.org/TR/html4/sgml/entities.html

      参数:
      input - the (unescaped) input string
      返回:
      the escaped string

    • htmlEscapeDecimal

      public static String htmlEscapeDecimal(String input, String encoding)
      Turn special characters into HTML character references.

      Handles the complete character set defined in the HTML 4.01 recommendation.

      Escapes all special characters to their corresponding numeric reference in decimal format (&#Decimal;) at least as required by the specified encoding. In other words, if a special character does not have to be escaped for the given encoding, it may not be.

      Reference: https://www.w3.org/TR/html4/sgml/entities.html

      参数:
      input - the (unescaped) input string
      encoding - the name of a supported charset
      返回:
      the escaped string

    • htmlEscapeHex

      public static String htmlEscapeHex(String input)
      Turn special characters into HTML character references.

      Handles the complete character set defined in the HTML 4.01 recommendation.

      Escapes all special characters to their corresponding numeric reference in hex format (&#xHex;).

      Reference: https://www.w3.org/TR/html4/sgml/entities.html

      参数:
      input - the (unescaped) input string
      返回:
      the escaped string

    • htmlEscapeHex

      public static String htmlEscapeHex(String input, String encoding)
      Turn special characters into HTML character references.

      Handles the complete character set defined in the HTML 4.01 recommendation.

      Escapes all special characters to their corresponding numeric reference in hex format (&#xHex;) at least as required by the specified encoding. In other words, if a special character does not have to be escaped for the given encoding, it may not be.

      Reference: https://www.w3.org/TR/html4/sgml/entities.html

      参数:
      input - the (unescaped) input string
      encoding - the name of a supported charset
      返回:
      the escaped string

    • htmlUnescape

      public static String htmlUnescape(String input)
      Turn HTML character references into their plain text UNICODE equivalent.

      Handles complete character set defined in HTML 4.01 recommendation and all reference types (decimal, hex, and entity).

      Correctly converts the following formats:

      &#Entity; - (Example: &) case sensitive &#Decimal; - (Example: D)
      &#xHex; - (Example: å) case insensitive

      Gracefully handles malformed character references by copying original characters as is when encountered.

      Reference: https://www.w3.org/TR/html4/sgml/entities.html

      参数:
      input - the (escaped) input string
      返回:
      the unescaped string