org.apache.commons.lang3
Class StringEscapeUtils

java.lang.Object
  org.apache.commons.lang3.StringEscapeUtils

public class StringEscapeUtils
extends Object

Escapes and unescapes Strings for Java, Java Script, HTML and XML.

#ThreadSafe#

Since:

2.0

Version:

$Id: StringEscapeUtils.java 918868 2010-03-04 06:22:16Z bayard $

Author:

Apache Software Foundation, Apache Jakarta Turbine, Purple Technology, Alexander Day Chaffee, Antony Riley, Helge Tesgaard, Sean Brown, Gary Gregory, Phil Steitz, Pete Gieser

Field Summary

static CharSequenceTranslator	ESCAPE_CSV
static CharSequenceTranslator	ESCAPE_ECMASCRIPT
static CharSequenceTranslator	ESCAPE_HTML3
static CharSequenceTranslator	ESCAPE_HTML4
static CharSequenceTranslator	ESCAPE_JAVA
static CharSequenceTranslator	ESCAPE_XML
static CharSequenceTranslator	UNESCAPE_CSV
static CharSequenceTranslator	UNESCAPE_ECMASCRIPT
static CharSequenceTranslator	UNESCAPE_HTML3
static CharSequenceTranslator	UNESCAPE_HTML4
static CharSequenceTranslator	UNESCAPE_JAVA
static CharSequenceTranslator	UNESCAPE_XML

Constructor Summary

StringEscapeUtils()
StringEscapeUtils instances should NOT be constructed in standard programming.

Method Summary

static String	escapeCsv(String input) Returns a String value for a CSV column enclosed in double quotes, if required.
static String	escapeEcmaScript(String input) Escapes the characters in a String using EcmaScript String rules.
static String	escapeHtml3(String input)
static String	escapeHtml4(String input) Escapes the characters in a String using HTML entities.
static String	escapeJava(String input) Escapes the characters in a String using Java String rules.
static String	escapeXml(String input) Escapes the characters in a String using XML entities.
static String	unescapeCsv(String input) Returns a String value for an unescaped CSV column.
static String	unescapeEcmaScript(String input) Unescapes any EcmaScript literals found in the String.
static String	unescapeHtml3(String input)
static String	unescapeHtml4(String input) Unescapes a string containing entity escapes to a string containing the actual Unicode characters corresponding to the escapes.
static String	unescapeJava(String input) Unescapes any Java literals found in the String.
static String	unescapeXml(String input) Unescapes a string containing XML entity escapes to a string containing the actual Unicode characters corresponding to the escapes.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ESCAPE_JAVA

public static final CharSequenceTranslator ESCAPE_JAVA

ESCAPE_ECMASCRIPT

public static final CharSequenceTranslator ESCAPE_ECMASCRIPT

ESCAPE_XML

public static final CharSequenceTranslator ESCAPE_XML

ESCAPE_HTML3

public static final CharSequenceTranslator ESCAPE_HTML3

ESCAPE_HTML4

public static final CharSequenceTranslator ESCAPE_HTML4

ESCAPE_CSV

public static final CharSequenceTranslator ESCAPE_CSV

UNESCAPE_JAVA

public static final CharSequenceTranslator UNESCAPE_JAVA

UNESCAPE_ECMASCRIPT

public static final CharSequenceTranslator UNESCAPE_ECMASCRIPT

UNESCAPE_HTML3

public static final CharSequenceTranslator UNESCAPE_HTML3

UNESCAPE_HTML4

public static final CharSequenceTranslator UNESCAPE_HTML4

UNESCAPE_XML

public static final CharSequenceTranslator UNESCAPE_XML

UNESCAPE_CSV

public static final CharSequenceTranslator UNESCAPE_CSV

Constructor Detail

StringEscapeUtils

public StringEscapeUtils()

StringEscapeUtils instances should NOT be constructed in standard programming.

Instead, the class should be used as:

StringEscapeUtils.escapeJava("foo");

This constructor is public to permit tools that require a JavaBean instance to operate.

Method Detail

escapeJava

public static final String escapeJava(String input)

Escapes the characters in a String using Java String rules.

Deals correctly with quotes and control-chars (tab, backslash, cr, ff, etc.)

So a tab becomes the characters '\\' and 't'.

The only difference between Java strings and JavaScript strings is that in JavaScript, a single quote and forward-slash (/) are escaped.

Example:

 input string: He didn't say, "Stop!"
 output string: He didn't say, \"Stop!\"
 

Parameters:

input - String to escape values in, may be null

Returns:

String with escaped values, null if null string input

escapeEcmaScript

public static final String escapeEcmaScript(String input)

Escapes the characters in a String using EcmaScript String rules.

Escapes any values it finds into their EcmaScript String form. Deals correctly with quotes and control-chars (tab, backslash, cr, ff, etc.)

So a tab becomes the characters '\\' and 't'.

The only difference between Java strings and EcmaScript strings is that in EcmaScript, a single quote and forward-slash (/) are escaped.

Note that EcmaScript is best known by the JavaScript and ActionScript dialects.

Example:

 input string: He didn't say, "Stop!"
 output string: He didn\'t say, \"Stop!\"
 

Parameters:

input - String to escape values in, may be null

Returns:

String with escaped values, null if null string input

unescapeJava

public static final String unescapeJava(String input)

Unescapes any Java literals found in the String. For example, it will turn a sequence of '\' and 'n' into a newline character, unless the '\' is preceded by another '\'.

Parameters:

input - the String to unescape, may be null

Returns:

a new unescaped String, null if null string input

unescapeEcmaScript

public static final String unescapeEcmaScript(String input)

Unescapes any EcmaScript literals found in the String.

For example, it will turn a sequence of '\' and 'n' into a newline character, unless the '\' is preceded by another '\'.

Parameters:

input - the String to unescape, may be null

Returns:

A new unescaped String, null if null string input

See Also:

unescapeJava(String)

escapeHtml4

public static final String escapeHtml4(String input)

Escapes the characters in a String using HTML entities.

For example:

"bread" & "butter"

becomes:

"bread" & "butter".

Supports all known HTML 4.0 entities, including funky accents. Note that the commonly used apostrophe escape character (') is not a legal entity and so is not supported).

Parameters:

input - the String to escape, may be null

Returns:

a new escaped String, null if null string input

See Also:

ISO Entities, HTML 3.2 Character Entities for ISO Latin-1, HTML 4.0 Character entity references, HTML 4.01 Character References, HTML 4.01 Code positions

escapeHtml3

public static final String escapeHtml3(String input)

unescapeHtml4

public static final String unescapeHtml4(String input)

Unescapes a string containing entity escapes to a string containing the actual Unicode characters corresponding to the escapes. Supports HTML 4.0 entities.

For example, the string "&lt;Fran&ccedil;ais&gt;" will become "<Français>"

If an entity is unrecognized, it is left alone, and inserted verbatim into the result string. e.g. "&gt;&zzzz;x" will become ">&zzzz;x".

Parameters:

input - the String to unescape, may be null

Returns:

a new unescaped String, null if null string input

unescapeHtml3

public static final String unescapeHtml3(String input)

escapeXml

public static final String escapeXml(String input)

Escapes the characters in a String using XML entities.

For example: "bread" & "butter" => &quot;bread&quot; &amp; &quot;butter&quot;.

Supports only the five basic XML entities (gt, lt, quot, amp, apos). Does not support DTDs or external entities.

Note that unicode characters greater than 0x7f are as of 3.0, no longer escaped.

Parameters:

input - the String to escape, may be null

Returns:

a new escaped String, null if null string input

See Also:

unescapeXml(java.lang.String)

unescapeXml

public static final String unescapeXml(String input)

Unescapes a string containing XML entity escapes to a string containing the actual Unicode characters corresponding to the escapes.

Supports only the five basic XML entities (gt, lt, quot, amp, apos). Does not support DTDs or external entities.

Note that numerical \\u unicode codes are unescaped to their respective unicode characters. This may change in future releases.

Parameters:

input - the String to unescape, may be null

Returns:

a new unescaped String, null if null string input

See Also:

escapeXml(String)

escapeCsv

public static final String escapeCsv(String input)

Returns a String value for a CSV column enclosed in double quotes, if required.

If the value contains a comma, newline or double quote, then the String value is returned enclosed in double quotes.

Any double quote characters in the value are escaped with another double quote.

If the value does not contain a comma, newline or double quote, then the String value is returned unchanged.

see Wikipedia and RFC 4180.

Parameters:

input - the input CSV column String, may be null

Returns:

the input String, enclosed in double quotes if the value contains a comma, newline or double quote, null if null string input

Since:

2.4

unescapeCsv

public static final String unescapeCsv(String input)

Returns a String value for an unescaped CSV column.

If the value is enclosed in double quotes, and contains a comma, newline or double quote, then quotes are removed.

Any double quote escaped characters (a pair of double quotes) are unescaped to just one double quote.

If the value is not enclosed in double quotes, or is and does not contain a comma, newline or double quote, then the String value is returned unchanged.

see Wikipedia and RFC 4180.

Parameters:

input - the input CSV column String, may be null

Returns:

the input String, with enclosing double quotes removed and embedded double quotes unescaped, null if null string input

Since:

2.4