In JSTL, the fn:escapeXml() Function is used to escape the charters that are mainly interpreted as HTML, XML, or any other tag markup. This function mainly prevents the potential security risk or rendering issues when we are displaying user-generated content in XML-based contexts. In this article, we will discuss the syntax, parameters, and example of the fn:escapeXml() function.
Syntax of fn:escapeXml() function:
${fn:escapeXml(String inputString)}
Where,
- ${fn:escapeXml(. . .)}: This is the JSTL expression for escaping the characters interpreted as XML tags.
- inputString: This is the input string that we want to escape for XML rendering.
Example of JSTL fn:escapeXml() Function
In this example, we see how to find the length of a string using the JSTL fn:escapeXml() Function.
Java
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html> <head> <title>JSTL Functions Example</title>
</head> <body> <c:set var="str1" value="Welcome to GeeksforGeeks."/>
<c:set var="str2" value="GeeksforGeeks <code>HTML</code> content."/>
<p>With escapeXml() Function:</p> <p>String 1: ${fn:escapeXml(str1)}</p>
<p>String 2: ${fn:escapeXml(str2)}</p>
<p>Without escapeXml() Function:</p> <p>String 1: ${str1}</p>
<p>String 2: ${str2}</p>
</body> </html> |
Output:
With escapeXml() Function:
String 1: Welcome to GeeksforGeeks.
String 2: GeeksforGeeks <code>HTML</code> content.
Without escapeXml() Function:
String 1: Welcome to GeeksforGeeks.
String 2: GeeksforGeeks content.
Output Screen of the above Program:
Explanation of the above Program:
- In the above example, we have first initialized the values of str1 and str2 as “Welcome to GeeksforGeeks” and “GeeksforGeeks <code>HTML</code> content.“
- Then by using the fn:escapeXML() function we escape XML reserved characters in str2 which ensures that safe rendering is done in an HTML context.
- We are printing the output on screen by using the <p> tag in HTML.
Recommended Articles
20. JSTL Core Tags
21. JSTL SQL Tags