EscapeTool Class

Last Updated: May 2, 2024
documentation for the dotCMS Content Management System

The EscapeTool allows escaping in Velocity templates. It provides methods to escape outputs for Java, JavaScript, HTML, XML and SQL. Also provides methods to render VTL characters that otherwise needs escaping.

The following example shows how the EscapeTool Viewtool is mapped in the toolbox.xml file:

    <tool>
        <key>esc</key>
        <scope>application</scope>
        <class>org.apache.velocity.tools.generic.EscapeTool</class>
    </tool>

This tool is entirely threadsafe, and has no instance members. It may be used in any scope (request, session, or application).

Usage

MethodDescription
$esc.java($java)Escapes Java code
$esc.javascript($javascript)Escapes JavaScript code
$esc.html($html)Escapes raw HTML
$esc.xml($xml)Escapes raw XML
$esc.sql($sql)Escapes SQL
$esc.dollar
$esc.d
Escapes $
$esc.hash
$esc.h
Escapes #
$esc.backslash
$esc.b
Escapes \
$esc.quote
$esc.q
Escapes "
$esc.singleQuote
$esc.s
Escapes '
$esc.exclamation
$esc.e
Escapes !

Examples

$java                        = He didn't say, "Stop!"
$esc.java($java)             = He didn't say, \"Stop!\"

$javascript                  = He didn't say, "Stop!"
$esc.javascript($javascript) = He didn\'t say, \"Stop!\"

$html                        = "bread" & "butter"
$esc.html($html)             = &quot;bread&quot; &amp; &quot;butter&quot;

$xml                         = "bread" & "butter"
$esc.xml($xml)               = &quot;bread&quot; &amp; &quot;butter&quot;

$sql                         = McHale's Navy
$esc.sql($sql)               = McHale''s Navy

$esc.dollar      = $
$esc.d           = $

$esc.hash        = #  
$esc.h           = #

$esc.backslash   = \ 
$esc.b           = \

$esc.quote       = "
$esc.q           = "

$esc.singleQuote = '
$esc.s           = '

$esc.exclamation = ! 
$esc.e           = !

About

SinceVelocityTools 1.2
AuthorShinobu Kawai

On this page

×

We Dig Feedback

Selected excerpt:

×