EscapeTool Reference Documentation
Tool for working with escaping in Velocity templates.
It provides methods to escape outputs for Java, JavaScript, HTML, XML and SQL.
Also provides methods to render VTL characters that otherwise needs escaping.
@@@version@@@, @@@date@@@org.apache.velocity.tools.generic.EscapeTool$escShinobu Kawai<tool>
<key>esc</key>
<scope>application</scope>
<class>org.apache.velocity.tools.generic.EscapeTool</class>
</tool>
java()
Escapes the characters in a String
using Java String rules.
String java(Object string)
the string to escape values, may be null.
String with escaped values, null
if null string input.
Delegates the process to
StringEscapeUtils#escapeJava(String)
.
If $java
had the following value:
He didn't say, "Stop!"then the following Velocity script:
$esc.java($java)produces this output:
He didn't say, \"Stop!\"
javascript()
Escapes the characters in a String
using JavaScript String rules.
String javascript(Object string)
the string to escape values, may be null.
String with escaped values, null
if null string input.
Delegates the process to
StringEscapeUtils#escapeJavaScript(String)
.
If $javascript
had the following value:
He didn't say, "Stop!"then the following Velocity script:
$esc.javascript($javascript)produces this output:
He didn\'t say, \"Stop!\"
html()
Escapes the characters in a String
using HTML entities.
String html(Object string)
the string to escape values, may be null.
a new escaped String
, null
if null string input
Delegates the process to
StringEscapeUtils#escapeHtml(String)
.
If $html
had the following value:
"bread" & "butter"then the following Velocity script:
$esc.html($html)produces this output:
"bread" & "butter"
Escapes the characters in a String
to be suitable to use as an HTTP parameter value.
String http(Object string)
the string to escape values, may be null.
a new escaped String
, null
if null string input
Delegates the process to
java.net.URLEncoder#encodeURL(String,"UTF-8")
.
If $http
had the following value:
Hello here & therethen the following Velocity script:
$esc.http($http)produces this output:
hello+here+%26+there
xml()
Escapes the characters in a String
using XML entities.
String xml(Object string)
the string to escape values, may be null.
a new escaped String
, null
if null string input
Delegates the process to
StringEscapeUtils#escapeXml(String)
.
If $xml
had the following value:
"bread" & "butter"then the following Velocity script:
$esc.xml($xml)produces this output:
"bread" & "butter"
sql()
Escapes the characters in a String
to be suitable to pass to an SQL query.
String sql(Object string)
the string to escape values, may be null.
a new String, escaped for SQL, null
if null string input
Delegates the process to
StringEscapeUtils#escapeSql(String)
.
If $sql
had the following value:
McHale's Navythen the following Velocity script:
$esc.sql($sql)produces this output:
McHale''s Navy
getDollar()
Renders a dollar sign ($).
String getDollar()
a dollar sign ($).
The following Velocity script:
${esc.dollar}produces this output:
$
getD()
Renders a dollar sign ($).
String getD()
a dollar sign ($).
The following Velocity script:
${esc.d}produces this output:
$
getHash()
Renders a hash (#).
String getHash()
a hash (#).
The following Velocity script:
${esc.hash}produces this output:
#
getH()
Renders a hash (#).
String getH()
a hash (#).
The following Velocity script:
${esc.h}produces this output:
#
getBackslash()
Renders a backslash (\).
String getBackslash()
a backslash (\).
The following Velocity script:
${esc.backslash}produces this output:
\
getB()
Renders a backslash (\).
String getB()
a backslash (\).
The following Velocity script:
${esc.b}produces this output:
\
getQuote()
Renders a double quotation mark (").
String getQuote()
a double quotation mark (").
The following Velocity script:
${esc.quote}produces this output:
"
getQ()
Renders a double quotation mark (").
String getQ()
a double quotation mark (").
The following Velocity script:
${esc.q}produces this output:
"
getSingleQuote()
Renders a single quotation mark (').
String getSingleQuote()
a single quotation mark (').
The following Velocity script:
${esc.singleQuote}produces this output:
'
getS()
Renders a single quotation mark (').
String getS()
a single quotation mark (').
The following Velocity script:
${esc.s}produces this output:
'
getExclamation()
Renders an exclamation mark (!).
String getExclamation()
an exclamation mark (!).
The following Velocity script:
${esc.exclamation}produces this output:
!
getE()
Renders an exclamation mark (!).
String getE()
an exclamation mark (!).
The following Velocity script:
${esc.e}produces this output:
!