Is there a way to tell JSTL ${} to escape html globally, instead of on each use

Asked Sep 30 '13 at 21:20

Active Sep 30 '13 at 21:20

Viewed 28 times

We have an app which uses JSTL syntax in many places (e.g. ${thisVar}, and we are wondering if there is a flag to globally escape HTML in a similar way that the fn:escape... attribute does:

${fn:escapeXml(myName)}

We don't want to have to go through our entire application and change all the variables. Also, simple ${} is much easier to type.

asked Sep 30 '13 at 21:20

Joshua

3,615
1
26
32

create your own tag or function – Paul Vargas Sep 30 '13 at 21:22
I think `` exists for that purpose. – VGR Oct 02 '13 at 01:08
Possible duplicate, yes, but no answer yet given even on the linked question. Just lots of commentary. And NO, using c:out is not an answer because I am trying to avoid changing the ${} syntax. – Joshua Oct 02 '13 at 17:24

Is there a way to tell JSTL ${} to escape html globally, instead of on each use

0 Answers0