What is c: out used for jsp

Question

What is c: out used for jsp

I saw something like

<c:out   something

</c:out>

what is it used for

+3

java jsp

John Feb 22 '11 at 13:59

source share

3 answers

. , , . c:out html-, XSS.

, " " , null:

<c:out value="${foo.bar}">Foobar is null!</c:out>

+2

dbyrne 22 . '11 14:01

c:out HTML-, .

, null.

.

<c:out value="${variable}">variable is null</c:out>

"variable is null", .

+1

dogbane 22 . '11 14:05

Balusc · Accepted Answer · 2011-02-22T14:02:07+0000

Used to print server-side variables to prevent HTML / XML leakage. When you apply this on a user-controlled input (request parameters, headers, cookies, stored data, etc.), this will prevent your XSS website from attacking holes.

If the displayed data is not controlled by the end user and you are using JSP 2.0 or later ( web.xmldeclared as Servlet 2.4 or later, and the container supports it), you can also just use

${bean.property}

instead

<c:out value="${bean.property}" />

What is c: out used for jsp

See also:

More articles: