tomcat-taglibs-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stephen Riek <>
Subject Escaping quotes in form fields - c:out doesn't see my variable
Date Tue, 04 Feb 2003 05:51:30 GMT

Sorry for such an easy question but I must be misunderstanding
the fundamental usage of the JSTL. 

How do I get JSTL to output a string which has been formatted
to escape special characters, so that it is safe to put in a form 
field ? I have tried the following but it does not work-

<input name="title" value="<c:out value="${book.getTitle()}"/>">

where 'book' is an instance of a Javabean which I have created
within a JSP scriptlet like this,

Book book = new Book(request.getParameter("BookId"));

As you can see, I do NOT use JSTL's database tags for 
querying databases since I have already wrapped all that 
functionality and business logic inside my Javabeans (in
this case, the "Book" class).  However, it seems that the
JSTL <c:out> tag is unable to see my variable 'book' if I
instantiate it in this way, am I correct ? 

I only want to use the <c:out> tag in order to escape any
characters (such as ", ', &, \, >) which may upset my 
input tag. Is this overkill or should I use a simple search/replace
instead ? I hope the solution will work with double-byte
characters too. 

Thank you for bearing with me,



With Yahoo! Mail you can get a bigger mailbox -- choose a size that fits your needs

  • Unnamed multipart/alternative (inline, 8-Bit, 0 bytes)
View raw message