Class EncodingFilteredBodyTag

java.lang.Object
javax.servlet.jsp.tagext.TagSupport
javax.servlet.jsp.tagext.BodyTagSupport
com.aoapps.encoding.taglib.legacy.EncodingFilteredBodyTag
All Implemented Interfaces:
Serializable, BodyTag, IterationTag, JspTag, Tag, TryCatchFinally
Direct Known Subclasses:
EncodingTag, JavaScriptTag, JsonTag, LdJsonTag, MysqlTag, PsqlTag, ShTag, StyleTag, TextTag, UrlTag, XhtmlAttributeTag, XhtmlTag

public abstract class EncodingFilteredBodyTag extends BodyTagSupport implements TryCatchFinally

An implementation of BodyTagSupport that automatically validates its content and automatically encodes its output correctly given its context. It also validates its own output when used in a non-validating context. For higher performance, it filters the output from its body instead of buffering.

The content validation is primarily focused on making sure the contained data is properly encoded. This is to avoid data corruption or intermingling of data and code. It does not go through great lengths such as ensuring that XHTML Strict is valid or JavaScript will run correctly.

In additional to checking that its contents are well behaved, it also is well behaved for its container by properly encoding its output for its context. To determine its context, it uses the content type of the currently registered RequestEncodingContext to perform proper encoding. If it fails to find any such context, it uses the content type of the HttpServletResponse.

Finally, if no existing RequestEncodingContext is found, this will validate its own output against the content type of the HttpServletResponse to make sure it is well-behaved.

Author:
AO Industries, Inc.
See Also: