public class EscapeTool
extends org.apache.velocity.tools.generic.EscapeTool
Tool for working with escaping in Velocity templates. It provides methods to escape outputs for Velocity, Java, JavaScript, HTML, XML and SQL.
Extends the default EscapeTool from velocity-tools since the XML escape performed by it doesn't work inside HTML
content, since apos is not a valid HTML entity name, and it always escapes non-ASCII characters, which
increases the HTML length considerably, while also making the source unreadable.
| Constructor and Description |
|---|
EscapeTool() |
| Modifier and Type | Method and Description |
|---|---|
String |
b(Object content)
Encode a text using the B encoding specified in RFC 2047.
|
String |
css(String identifier)
Escapes a CSS identifier.
|
String |
json(Object string)
Escapes the characters in a
String using JSON String rules: escapes with backslash double quotes,
back and forward slashes, newlines, the control characters \b, \t and \f, and with
\uXXXX any non-ASCII characters. |
String |
q(Object content)
Encode a text using the Q encoding specified in RFC 2047.
|
String |
quotedPrintable(Object content)
Encode a text using the Quoted-Printable format, as specified in section 6.7 of RFC 2045.
|
String |
url(Map<String,?> parametersMap)
Properly escape a parameter map representing a query string, so that it can be safely used in an URL.
|
String |
url(Object string)
We override the implementation so that we sync it with the encoding strategy we use for generating URLs.
|
String |
xml(Object content)
Escapes the XML special characters in a
String using numerical XML entities. |
configure, dumpString, getB, getBackslash, getD, getDollar, getE, getExclamation, getH, getHash, getKey, getN, getNewline, getQ, getQuote, getS, getSingleQuote, html, java, javascript, propertyKey, propertyValue, setKey, sql, unicode, velocitypublic String xml(Object content)
String using numerical XML entities. This overrides the base
implementation from Velocity, which is over-zealous and escapes any non-ASCII character. Since XWiki works with
Unicode-capable encodings (UTF-8), there is no need to escape non-special characters.xml in class org.apache.velocity.tools.generic.EscapeToolcontent - the text to escape, may be nullString, null if null inputpublic String json(Object string)
String using JSON String rules: escapes with backslash double quotes,
back and forward slashes, newlines, the control characters \b, \t and \f, and with
\uXXXX any non-ASCII characters. Unlike EscapeTool.javascript(Object), it does not escape '
, which is not a special character in JSON, and it would be a syntax error to do so.string - the string to escape, may be null; any non-string object will be converted to a string
first, using String.valueOf(obj)null if null inputpublic String quotedPrintable(Object content)
content - the text to encodepublic String q(Object content)
=?UTF-8?Q? and ending with ?=.content - the text to encodepublic String b(Object content)
=?UTF-8?B? and ending with ?=.content - the text to encodepublic String url(Map<String,?> parametersMap)
Collection. If the
parameter name is null (the key is null) then the parameter is ignored. null values are
serialized as an empty string.parametersMap - Map representing the query string.public String css(String identifier)
See https://drafts.csswg.org/cssom/#serialize-an-identifier.
identifier - the identifier to escapepublic String url(Object string)
%20 and not as + in the query string.url in class org.apache.velocity.tools.generic.EscapeToolstring - the url to encodeCopyright © 2004–2016 XWiki. All rights reserved.