Announcement Announcement Module
Collapse
No announcement yet.
htmlEscape and databinding Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • htmlEscape and databinding

    How do you handle the case where you want user input from a form to be htmlEscape'd when you are binding to a command object? Looks like I'm going to override createBinder in my controller and return my own subclass of ServletRequestDataBinder which simply overrides the bind method and simply htmlEscapes the MutablePropertyValues. A simple implementation would escape every request parameter. Perhaps a little inefficient but oh well. Any ideas?

  • #2
    How do you handle the case where you want user input from a form to be htmlEscape'd when you are binding to a command object?
    Are you sure you want to do this? Usually you HTML escape raw data only when displaying via HTML.

    Comment


    • #3
      i know, it's normally unnecessary, but in this case it is a requirement.

      Comment

      Working...
      X