Encoders (Jakarta MVC 2.0.0.M1 API)

```
public interface Encoders
```
Interface that provides encoders to escape code in JavaScript, HTML, etc. Encoding data is a way to prevent XSS attacks by ensuring it is not misinterpreted as running code. Implementations of this interface are injectable and accessible from EL via the MvcContext class as mvc.encoders.

Since:

1.0

Author:

Santiago Pericas-Geertsen

See Also:

OWASP Encoder Project

Method Summary

All Methods Instance Methods Abstract Methods
Modifier and Type	Method	Description
`String`	`html(String s)`	Encoding for HTML code in attributes or content.
`String`	`js(String s)`	Encoding for JavaScript code in attributes or script blocks.

- Method Detail
  - js
```
String js(String s)
```
    Encoding for JavaScript code in attributes or script blocks. It MUST support encoding of (at least) the following characters:
    
    Encoding Table
    
    Input Character Encoding
    
    U+0008 (BS) \b
    
    U+0009 (HT) \t
    
    U+000A (LF) \n
    
    U+000C (FF) \f
    
    U+000D (CR) \r
    
    / \/
    
    \ \\
    
    " \x22
    
    & \x26
    
    ' \x27
    
    U+0000-U001F \x##
    
    Parameters:
    
    s - string to encode.
    
    Returns:
    
    encoded string.
  - html
```
String html(String s)
```
    Encoding for HTML code in attributes or content. It MUST support encoding of (at least) the following characters:
    
    Encoding Table
    
    Input Character Encoding
    
    & &
    
    < <
    
    > >
    
    " "
    
    ' '
    
    Parameters:
    
    s - string to encode.
    
    Returns:
    
    encoded string.