package com.paic.pad.info.common.filter;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang.StringUtils;
import org.springframework.web.util.HtmlUtils;
/**
* Html文转义
* @author
*
*/
public class HtmlEscapeFilter extends EscapeFilter{
@Override
public String doFilter(String str, FilterChain chain) {
if (StringUtils.isEmpty(str)) {
return str;
}
switch(this.getEscapeTyle()){
case ESCAPE:
str = HtmlUtils.htmlEscape(str);
break;
case UNESCAPE:
str = StringEscapeUtils.unescapeHtml(str);
break;
default:
break;
}
return chain.doFilter(str, chain);
}
public static void main(String[] args) {
String tep = HtmlUtils.htmlEscape("<input type='text'/>");
String value =HtmlUtils.htmlUnescape(tep);
String t = StringEscapeUtils.escapeHtml("<input type='text'/>");
String sql =StringEscapeUtils.escapeSql("select * from emp where 1=1 ");
String v = StringEscapeUtils.unescapeHtml(t);
System.out.println(tep);
System.out.println(t);
System.out.println(value);
System.out.println(v);
System.out.println(sql);
}
}
