Class XmlEscapers


  • @GwtCompatible
    public class XmlEscapers
    extends java.lang.Object
    Escaper instances suitable for strings to be included in XML attribute values and elements' text contents. When possible, avoid manual escaping by using templating systems and high-level APIs that provide autoescaping. For example, consider XOM or JDOM.

    Note: Currently the escapers provided by this class do not escape any characters outside the ASCII character range. Unlike HTML escaping the XML escapers will not escape non-ASCII characters to their numeric entity replacements. These XML escapers provide the minimal level of escaping to ensure that the output can be safely included in a Unicode XML document.

    For details on the behavior of the escapers in this class, see sections 2.2 and 2.4 of the XML specification.

    Since:
    15.0
    Author:
    Alex Matevossian, David Beaumont
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static Escaper xmlAttributeEscaper()
      Returns an Escaper instance that escapes special characters in a string so it can safely be included in XML document as an attribute value.
      static Escaper xmlContentEscaper()
      Returns an Escaper instance that escapes special characters in a string so it can safely be included in an XML document as element content.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Method Detail

      • xmlContentEscaper

        public static Escaper xmlContentEscaper()
        Returns an Escaper instance that escapes special characters in a string so it can safely be included in an XML document as element content. See section 2.4 of the XML specification.

        Note: Double and single quotes are not escaped, so it is not safe to use this escaper to escape attribute values. Use xmlContentEscaper() if the output can appear in element content or xmlAttributeEscaper() in attribute values.

        This escaper substitutes 0xFFFD for non-whitespace control characters and the character values 0xFFFE and 0xFFFF which are not permitted in XML. For more detail see section 2.2 of the XML specification.

        This escaper does not escape non-ASCII characters to their numeric character references (NCR). Any non-ASCII characters appearing in the input will be preserved in the output. Specifically "\r" (carriage return) is preserved in the output, which may result in it being silently converted to "\n" when the XML is parsed.

        This escaper does not treat surrogate pairs specially and does not perform Unicode validation on its input.

      • xmlAttributeEscaper

        public static Escaper xmlAttributeEscaper()
        Returns an Escaper instance that escapes special characters in a string so it can safely be included in XML document as an attribute value. See section 3.3.3 of the XML specification.

        This escaper substitutes 0xFFFD for non-whitespace control characters and the character values 0xFFFE and 0xFFFF which are not permitted in XML. For more detail see section 2.2 of the XML specification.

        This escaper does not escape non-ASCII characters to their numeric character references (NCR). However, horizontal tab '\t', line feed '\n' and carriage return '\r' are escaped to a corresponding NCR "	", "
", and "
" respectively. Any other non-ASCII characters appearing in the input will be preserved in the output.

        This escaper does not treat surrogate pairs specially and does not perform Unicode validation on its input.