java escape html,解决java - How to escape HTML in JSON

前台输入值为:**(^&*^&*%^&%&^$%^$%^$^ 后台使用:URLDecoder.decode(str, "UTF-8")进行解码,但会报java.lang.IllegalArgumentException: URLDecoder: Illegal he

I'm wondering how can I escape HTML code in JSON ? I'm using Jackson as my JSON mapper.

In my content I have various characters: tags, single quotes, double quotes, new lines character (\n), tabs etc. I tried to use CharacterEscapes class, but with no results.

My JSON response blows up after using CharacterEscapes. I tried to escape it manually, but also without any results.

So the question is, lets say that we have:

Some text

\n

"SomeText"

How can I send it back to browser as value of the JSON object?

UPDATE: Input is:

{

"code": {

"num": 12

},

"obj": {

"label": "somelabel",

"order": 1

},

"det": {

"part": "1",

"cont": true

},

"html": "

Mine text

"

}

Output:

{

"code": {

"num": 12

},

"obj": {

"label": "somelabel",

"order": 1

},

"det": {

"part":"1",

"cont": true

},

"html":{"code": {

"num": 12

},

"obj": {

"label": "somelabel",

"order": 1

},

"det": {

"part":"

}

java

jackson

html-escape-characters

|

this question

edited Mar 28 '15 at 19:34 asked Mar 28 '15 at 18:54

Ma Kro 348 5 21      Does this help?

cowtowncoder.com/blog/archives/2012/08/entry_476.html Although you probably do not need to scape anything apart from \b, \f, \n, \r, \t , \" and \\. Take this

stackoverflow.com/questions/3020094/… and this

stackoverflow.com/questions/19176024/… into account as well. Hope this helps. –

Pedro Lopez Mar 28 '15 at 19:07      I saw that article, and I have similar code, which doesn't help. Btw. I just saw that some tags were not displayed in my example. I will update the sample text. –

Ma Kro Mar 28 '15 at 19:09      I don't understand the problem. HTML is just text. You probably have it stored as a

String. Jackson can escape any necessary characters in the

String just fine. –

Sotirios Delimanolis Mar 28 '15 at 19:13      @SotiriosDelimanolis I'm sending response in: mapper.writeValue(response.getWriter(), myObjectWithHtmlProperty) And in the browser I see json, which looks like this: {"key":"value", "key":"value", "myHtmlKey":{"key":"value", "key":"value"} HTML code are replaced with JSON object from the begining –

Ma Kro Mar 28 '15 at 19:17      I still don't understand. Please post a complete and reproducible example. What is the input? What is the output? What is the expected output and why? –

Sotirios Delimanolis Mar 28 '15 at 19:19

|

show more comments

2 Answers

2

解决方法

For now I have found following solution: I have added CharacterEscapes to the JsonFactory of the ObjectMapper class. Also I have changed way of writting JSON into response. Instead of

objectMapper.writeValue(response.getWriter(), myObject)

I'm doing this:

PrintWriter writer = response.getWriter();

writer.print(String.valueOf(objectMapper.writeValueAsBytes(myObject));

writer.flush();

And it works as I wanted.

|

this answer answered Mar 28 '15 at 22:39

Ma Kro 348 5 21

|

I would suggest to use either of below.

1.You can use GSON library for this purpose.

Gson gson = new GsonBuilder().disableHtmlEscaping().create();

2.Use Apache commons StringEscapeUtils.escapeHtml("JSON string").

|

this answer answered Mar 28 '15 at 19:09

RE350 3,588 3 16 30      I'm using Jackson, and for now, I don't want to switch to Gson. There must be a way to do that in Jackson. About the apache, I have the newest version of apache, and there is no such method "escapeHtml". It was removed and I'm not sure what is the replacement. –

Ma Kro Mar 28 '15 at 19:11

|

1、 使用Java输出json格式的实体数组(UserAction) public class User { private String id; private String account;// 账号 private String psw;