STRUTS的标签具有<bean:write name="" filter="true">
能过滤HTML代码, 今天看了一下源码, 发现这个功能很容易实现
/**
* Filter the specified string for characters that are sensitive to
* HTML interpreters, returning the string with these characters replaced
* by the corresponding character entities.
*
* @param value The string to be filtered and returned
*/
public static String filter(String value) {
if (value == null || value.length() == 0) {
return value;
}
StringBuffer result = null;
String filtered = null;
for (int i = 0; i < value.length(); i++) {
filtered = null;
switch (value.charAt(i)) {
case '<':
filtered = "<";
break;
case '>':
filtered = ">";
break;
case '&':
filtered = "&";
break;
case '"':
filtered = """;
break;
case '\'':
filtered = "'";
break;
}
if (result == null) {
if (filtered != null) {
result = new StringBuffer(value.length() + 50);
if (i > 0) {
result.append(value.substring(0, i));
}
result.append(filtered);
}
} else {
if (filtered == null) {
result.append(value.charAt(i));
} else {
result.append(filtered);
}
}
}
return result == null ? value : result.toString();
}