转义HTML字符_html/css_WEB-ITnose

package util;public final class HTMLFilter {    /**     * Filter the specified message string for characters that are sensitive     * in HTML.  This avoids potential attacks caused by including JavaScript     * codes in the request URL that is often reported in error messages.     *     * @param message The message string to be filtered     */    public static String filter(String message) {        if (message == null)            return (null);        char content[] = new char[message.length()];        message.getChars(0, message.length(), content, 0);        StringBuilder result = new StringBuilder(content.length + 50);        for (int i = 0; i ':                result.append(">");                break;            case '&':                result.append("&");                break;            case '"':                result.append(""");                break;            default:                result.append(content[i]);            }        }        return (result.toString());    }}

登录后复制