我正在使用 StringEscapeUtils 转义和取消转义 html。我有以下代码
import org.apache.commons.lang.StringEscapeUtils;
public class EscapeUtils {
public static void main(String args[]) {
String string = " 4-Spaces ,\"Double Quote\", 'Single Quote', \\Back-Slash\\, /Forward Slash/ ";
String escaped = StringEscapeUtils.escapeHtml(string);
String myEscaped = escapeHtml(string);
String unescaped = StringEscapeUtils.unescapeHtml(escaped);
String myUnescaped = StringEscapeUtils.unescapeHtml(myEscaped);
System.out.println("Real String: " + string);
System.out.println();
System.out.println("Escaped String: " + escaped);
System.out.println("My Escaped String: " + myEscaped);
System.out.println();
System.out.println("Unescaped String: " + unescaped);
System.out.println("My Unescaped String: " + myUnescaped);
System.out.println();
System.out.println("Comparison:");
System.out.println("Real String == Unescaped String: " + string.equals(unescaped));
System.out.println("Real String == My Unescaped String: " + string.equals(myUnescaped));
System.out.println("Unescaped String == My Unescaped String: " + unescaped.equals(myUnescaped));
}
public static String escapeHtml(String s) {
String escaped = "";
if(null != s) {
escaped = StringEscapeUtils.escapeHtml(s);
escaped = escaped.replaceAll(" "," ");
escaped = escaped.replaceAll("'","'");
escaped = escaped.replaceAll("\\\\","\");
escaped = escaped.replaceAll("/","/");
}
return escaped;
}
}
输出:
Real String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
Escaped String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
My Escaped String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
Unescaped String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
My Unescaped String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
Comparison:
Real String == Unescaped String: true
Real String == My Unescaped String: false
Unescaped String == My Unescaped String: false
我转义真正的字符串然后取消转义。但是 myEsceped 首先使用相同的过程进行转义,然后将更多的 html 字符替换为它们的 html 代码。 myUnescaped 实际上是对myEscaped 的转义,与真正的字符串内容相同。
输出显示真实的string、unescaped 和myUnescaped 内容相同。但是,在比较部分,myUnescaped 不等于 string 和 unescaped。
我还不明白这里到底发生了什么。谁能解释一下?
最佳答案
这是因为在转义 HTML 时,您将 ' ' 替换为
public static String escapeHtml(String s) {
String escaped = "";
if(null != s) {
escaped = StringEscapeUtils.escapeHtml(s);
escaped = escaped.replaceAll(" "," "); // HERE
escaped = escaped.replaceAll("'","'");
escaped = escaped.replaceAll("\\\\","\");
escaped = escaped.replaceAll("/","/");
}
return escaped;
}
同时 StringEscapeUtils.escapeHtml不会转义 ' ',下面是他们网站上的例子:
"bread" & "butter"
成为
"bread" & "butter"
这意味着 StringEscapeUtils.escapeHtml 保留空格
如果从 escapeHtml 中删除 escaped = escaped.replaceAll(""," ");, unescaped 和 myUnescaped 匹配!
关于java - 字符串内容相同但 equals 方法返回 false,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/16207625/