francan <francan00@yahoo.com> wrote:
In my Tomcat 6.0.20 container, I have a form value that works great
except if the user enters quotes in the form input. Anything in quotes
won't show up.
For example if they enter: Here is the "info"
The form value would only show: Here is the
Input example that won't work with quotes:
<input type="text" name="city" value="${dataBean.city}" />
If I use tick instead of quotes it works and shows anything in quotes:
<input type="text" name="city" value='${dataBean.city}' />
Please advise why this is happening and if there is an alternate
solution to this issue?
It's happening because the first quote in the dataBean.city value
terminates the field. For example, if dataBean.city contains
abc"def"gh
Then the line above will result in this HTML:
<input type="text" name="city" value="abc"def"gh" />
So the browser sees that value is abc, then there's some extraneous
garbage, which it ignores.
I haven't been able to find a way to escape quote marks within a field
like this, so I think the only way out for you is to (for example) use
double quotes in your HTML, as you're doing, then have your dataBean
change all double quotes in the value of "city" to single quote marks.
That would avoid conflicts in your HTML, though it would show your
user something that's not exactly what they entered sometimes.
<c:out value="${dataBean.city}" escapeXml="true" /> is your friend here.
${mytags:escape(dataBean.city)} or what have you.
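
The effect of the escaping suggested above, shown as an added example that is not part of the original thread. The class and method names are illustrative, escapeXml reproduces by hand the five replacements that c:out performs with escapeXml="true", and valueSeenByBrowser is a simplified model of how a browser reads a double-quoted attribute.

```java
public class AttributeEscapeDemo {

    // The same five replacements JSTL applies when escapeXml is true.
    static String escapeXml(String s) {
        StringBuilder out = new StringBuilder();
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&#034;"); break;
                case '\'': out.append("&#039;"); break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Simplified browser model (assumption): the attribute value ends at the
    // first double quote, then character references are decoded, &amp; last.
    static String valueSeenByBrowser(String html) {
        int start = html.indexOf("value=\"") + "value=\"".length();
        String raw = html.substring(start, html.indexOf('"', start));
        return raw.replace("&#034;", "\"").replace("&#039;", "'")
                  .replace("&lt;", "<").replace("&gt;", ">").replace("&amp;", "&");
    }

    // The markup the JSP line from the thread produces for a given value.
    static String render(String value) {
        return "<input type=\"text\" name=\"city\" value=\"" + value + "\" />";
    }

    public static void main(String[] args) {
        // The first two values come from the thread; the third is constructed.
        String[] samples = { "abc\"def\"gh", "Here is the \"info\"", "O'Hare & Sons" };
        for (String city : samples) {
            String unescaped = render(city);          // value="${dataBean.city}"
            String escaped = render(escapeXml(city)); // value="<c:out value="${dataBean.city}" />"
            System.out.println(unescaped + "  -> browser sees: " + valueSeenByBrowser(unescaped));
            System.out.println(escaped + "  -> browser sees: " + valueSeenByBrowser(escaped));
        }
    }
}
```

Because the quote characters reach the browser as character references, the attribute is no longer cut short and the field shows exactly what the user typed.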