[Esapi-user] Avoiding double escapes

Uma Venkatakrishnan uma at akhilainfo.co.in
Thu Jul 6 08:21:51 UTC 2017


Hi All,

I am using fn:escapeXml() from JSTL core to escape character inputs in my
jsps. I find that if a string with a '&' is escaped with &amp then when
re-loading the page, it escapes it again and makes it '&&amp'. How to
stop the double encoding in jsps.

Please share any ideas.

Thanks
Uma
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20170706/21256363/attachment.html>


More information about the Esapi-user mailing list