问题描述
我正在使用StringEscapeUtils来转义和取消转义html.我有以下代码
I am using StringEscapeUtils to escape and unescape html. I have following code
import org.apache.commons.lang.StringEscapeUtils;
public class EscapeUtils {
public static void main(String args[]) {
String string = " 4-Spaces ,\"Double Quote\", 'Single Quote', \\Back-Slash\\, /Forward Slash/ ";
String escaped = StringEscapeUtils.escapeHtml(string);
String myEscaped = escapeHtml(string);
String unescaped = StringEscapeUtils.unescapeHtml(escaped);
String myUnescaped = StringEscapeUtils.unescapeHtml(myEscaped);
System.out.println("Real String: " + string);
System.out.println();
System.out.println("Escaped String: " + escaped);
System.out.println("My Escaped String: " + myEscaped);
System.out.println();
System.out.println("Unescaped String: " + unescaped);
System.out.println("My Unescaped String: " + myUnescaped);
System.out.println();
System.out.println("Comparison:");
System.out.println("Real String == Unescaped String: " + string.equals(unescaped));
System.out.println("Real String == My Unescaped String: " + string.equals(myUnescaped));
System.out.println("Unescaped String == My Unescaped String: " + unescaped.equals(myUnescaped));
}
public static String escapeHtml(String s) {
String escaped = "";
if(null != s) {
escaped = StringEscapeUtils.escapeHtml(s);
escaped = escaped.replaceAll(" "," ");
escaped = escaped.replaceAll("'","'");
escaped = escaped.replaceAll("\\\\","\");
escaped = escaped.replaceAll("/","/");
}
return escaped;
}
}
输出:
Real String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
Escaped String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
My Escaped String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
Unescaped String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
My Unescaped String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
Comparison:
Real String == Unescaped String: true
Real String == My Unescaped String: false
Unescaped String == My Unescaped String: false
我escaped实数string,然后unescaped.但是myEsceped首先通过相同的过程进行转义,然后将更多的html字符替换为其html代码. myUnescaped实际上是myEscaped的不转义,其内容与真实字符串相同.
I escaped the real string and then unescaped it. but myEsceped is first escaped with same process, and then some more html characters are replaced with their html codes. myUnescaped is actually unescape of myEscaped which has same contents as that of real string.
输出显示实际的string,unescaped和myUnescaped内容相同.但是,与比较部分一样,myUnescaped不等于string和unescaped.
Output shows that real string, unescaped, and myUnescaped contents are same. But, as in Comparison section, myUnescaped is not equal to string and unescaped.
我还不明白这到底是怎么回事.有人可以解释吗?
I don't understand it yet what is actually happening here. Can anyone explain it?
推荐答案
这是由于转义HTML时,您将' '替换为
This due to while escaping HTML, you are replacing ' ' with
public static String escapeHtml(String s) {
String escaped = "";
if(null != s) {
escaped = StringEscapeUtils.escapeHtml(s);
escaped = escaped.replaceAll(" "," "); // HERE
escaped = escaped.replaceAll("'","'");
escaped = escaped.replaceAll("\\\\","\");
escaped = escaped.replaceAll("/","/");
}
return escaped;
}
StringEscapeUtils.escapeHtml 不能逃脱' ',以下是其站点上的示例:
While StringEscapeUtils.escapeHtml does not escape ' ', below is the example on their site:
"bread" & "butter"
成为
"bread" & "butter"
这意味着StringEscapeUtils.escapeHtml保留空格
Which means StringEscapeUtils.escapeHtml preserves spaces
如果从escapeHtml中删除了escaped = escaped.replaceAll(" "," ");,unescaped和myUnescaped匹配项!
If from escapeHtml you remove escaped = escaped.replaceAll(" "," ");, unescaped and myUnescaped match !
这篇关于字符串内容相同,但是equals方法返回false的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!