当前位置: 代码迷 >> HTML/CSS >> 轮换HTML Code
  详细解决方案

轮换HTML Code

热度:231   发布时间:2012-09-18 16:21:42.0
替换HTML Code
JSP语言可以通过替换输出数据的特殊字符【& < > ” ’ ( )%+-】为其他表示形式后再输出给客户端,例如:
<%
String OutStr = "<script>alert('XSS')</script>";
OutStr = OutStr.replaceAll("&","&amp;");
OutStr = OutStr.replaceAll("<","&lt;");
OutStr = OutStr.replaceAll(">","&gt;");
OutStr = OutStr.replaceAll("\"","&quot;");
OutStr = OutStr.replaceAll("\'","&#39;");
OutStr = OutStr.replaceAll("\\(","&#40;");
OutStr = OutStr.replaceAll("\\)","&#41;");
OutStr = OutStr.replaceAll("%","&#37;");
OutStr = OutStr.replaceAll("\\+","&#43;");
OutStr = OutStr.replaceAll("-","&#45;");
out.println(OutStr);
%>
  相关解决方案

代码迷 - 您身边的软件异常,代码异常,编程异常助手(发现,解决,分享)
Copyright © 2009-2013 DAIMAMI.COM. All rights reserved.