发表新帖
发表新帖

Escape quotes in JavaScript

前端 未结
关注
13 855
不思量自难忘°
不思量自难忘° 2020-11-22 11:39

I\'m outputting values from a database (it isn\'t really open to public entry, but it is open to entry by a user at the company -- meaning, I\'m not worried about XSS).

13条回答
  • 北恋
    北恋 (楼主)
    2020-11-22 12:15

    If you're assembling the HTML in Java, you can use this nice utility class from Apache commons-lang to do all the escaping correctly:

    org.apache.commons.lang.StringEscapeUtils
    Escapes and unescapes Strings for Java, Java Script, HTML, XML, and SQL.

    0 讨论(0)
 看不清?
提交回复
热议问题