Unfortunately I had to resort to building HTML from server side. (some advanced stuff in Grid using
HtmlRenderer ).
Is there an easy way to create a “safe” string value for HTML attribute
without bringing in an external library (e.g. Apache Commons) and
without bringing in Vaadin Client lib.
There’s static method
VaadinServlet.safeEscapeForHtml() but it is deprecated and doesn’t say what the alternative is.
Ahh. What is meant by
HTML escaping is something entirely different. What you are doing above is simply source code escaping (for a lack of better word).
Here’s an HTML escaping example:
Input string:
Ben & Jerry’s makes you fat .
Output string:
Ben & Jerry's makes you fat.
And here’s a source code example:
String tooltip = "Ben & Jerry's makes you fat";
String htmlStr = "<div title=\"" +
safeHtml(tooltip) + "\">ICECREAM</div>";
So, what I’m looking for is the
safeHtml method (just my name for it). As mentioned Vaadin already has this in the form of
VaadinServlet.safeEscapeForHtml() but is is deprecated.