Hi, If escaping the HTML is good for your usecase (which usually is, instead of stripping), you have multiple options: * apache commons StringEscapeUtils [1] - directly use the static methods * velocity's EscapeTool (XWiki's extended version actually [2]) - instantiate and use * your favourite string escaping library Thanks, Eduard ---------- [1] https://commons.apache.org/proper/commons-lang/javadocs/api-3.1/org/apache/c... [2] http://platform.xwiki.org/xwiki/bin/view/SRD/Navigation?api=escapetool&xpage... On Tue, Jan 13, 2015 at 10:16 PM, Bryn Jeffries <[email protected]
wrote:
I have a Groovy script that takes input from a form textarea. I'd like to prevent html (and JS) markup from being submitted and, if HTML is submitted, strip it out. Is there a tool already packaged within XWiki to do this, or should I look to an external package like Jericho?
Thanks,
Bryn _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users