In the following code, where I am trying to encode special characters
package hello;
//import java.io.UnsupportedEncodingException;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Encoder;
import org.owasp.esapi.errors.EncodingException;
public class HelloWorld {
public static void main(String[] args) {
// TODO Auto-generated method stub
//System.out.println("Hello Worldadndh");
// System.out.println("ESAPI.accessacController found: "
// + ESAPI.accessController());
String encodedString = encodeForXML("comma underscore hyphen, _ - & () %");
System.out.println("The encoded string is "+encodedString);
}
public static String encodeForXML(String str)
{
return ESAPI.encoder().encodeForXML(str);
}
}
The o/p is
The encoded string is comma underscore hyphen, _ - & () %
Are there some settings which is required to encode , _ -? Thank you.
In XML, it is not necessary to encode the underscore character. See https://www.w3.org/TR/xml/#charencoding.
Only the following characters need to be escaped: https://www.w3.org/TR/REC-xml/#dt-escape.