Class EncodingFilteredBodyTag

  • All Implemented Interfaces:
    Serializable, BodyTag, IterationTag, JspTag, Tag, TryCatchFinally
    Direct Known Subclasses:
    EncodingTag, JavaScriptTag, JsonTag, LdJsonTag, MysqlTag, PsqlTag, ShTag, TextTag, UrlTag, XhtmlAttributeTag, XhtmlTag

    public abstract class EncodingFilteredBodyTag
    extends BodyTagSupport
    implements TryCatchFinally

    An implementation of BodyTagSupport that automatically validates its content and automatically encodes its output correctly given its context. It also validates its own output when used in a non-validating context. For higher performance, it filters the output from its body instead of buffering.

    The content validation is primarily focused on making sure the contained data is properly encoded. This is to avoid data corruption or intermingling of data and code. It does not go through great lengths such as ensuring that XHTML Strict is valid or JavaScript will run correctly.

    In additional to checking that its contents are well behaved, it also is well behaved for its container by properly encoding its output for its context. To determine its context, it uses the content type of the currently registered RequestEncodingContext to perform proper encoding. If it fails to find any such context, it uses the content type of the HttpServletResponse.

    Finally, if no existing RequestEncodingContext is found, this will validate its own output against the content type of the HttpServletResponse to make sure it is well-behaved.

    Author:
    AO Industries, Inc.
    See Also:
    Serialized Form