java-字符串内容相同,但等于方法返回false
作者:互联网
我正在使用StringEscapeUtils来转义和取消转义html.我有以下代码
import org.apache.commons.lang.StringEscapeUtils;
public class EscapeUtils {
public static void main(String args[]) {
String string = " 4-Spaces ,\"Double Quote\", 'Single Quote', \\Back-Slash\\, /Forward Slash/ ";
String escaped = StringEscapeUtils.escapeHtml(string);
String myEscaped = escapeHtml(string);
String unescaped = StringEscapeUtils.unescapeHtml(escaped);
String myUnescaped = StringEscapeUtils.unescapeHtml(myEscaped);
System.out.println("Real String: " + string);
System.out.println();
System.out.println("Escaped String: " + escaped);
System.out.println("My Escaped String: " + myEscaped);
System.out.println();
System.out.println("Unescaped String: " + unescaped);
System.out.println("My Unescaped String: " + myUnescaped);
System.out.println();
System.out.println("Comparison:");
System.out.println("Real String == Unescaped String: " + string.equals(unescaped));
System.out.println("Real String == My Unescaped String: " + string.equals(myUnescaped));
System.out.println("Unescaped String == My Unescaped String: " + unescaped.equals(myUnescaped));
}
public static String escapeHtml(String s) {
String escaped = "";
if(null != s) {
escaped = StringEscapeUtils.escapeHtml(s);
escaped = escaped.replaceAll(" "," ");
escaped = escaped.replaceAll("'","'");
escaped = escaped.replaceAll("\\\\","\");
escaped = escaped.replaceAll("/","/");
}
return escaped;
}
}
输出:
Real String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
Escaped String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
My Escaped String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
Unescaped String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
My Unescaped String: 4-Spaces ,"Double Quote", 'Single Quote', \Back-Slash\, /Forward Slash/
Comparison:
Real String == Unescaped String: true
Real String == My Unescaped String: false
Unescaped String == My Unescaped String: false
我对真实的字符串进行了转义,然后对其进行了转义.但是myEsceped首先使用相同的过程进行转义,然后将更多的html字符替换为其html代码. myUnescaped实际上是myEscaped的不转义,其内容与真实字符串相同.
输出显示实际字符串,未转义的内容和myUnescaped的内容相同.但是,就像在“比较”部分中一样,myUnescaped不等于string和unscapeed.
我还不明白这到底是怎么回事.有人可以解释吗?
解决方法:
这是由于在转义HTML时,您要用& nbsp;替换”.
public static String escapeHtml(String s) {
String escaped = "";
if(null != s) {
escaped = StringEscapeUtils.escapeHtml(s);
escaped = escaped.replaceAll(" "," "); // HERE
escaped = escaped.replaceAll("'","'");
escaped = escaped.replaceAll("\\\\","\");
escaped = escaped.replaceAll("/","/");
}
return escaped;
}
尽管StringEscapeUtils.escapeHtml不能逃脱“”,但以下是其站点上的示例:
"bread" & "butter"
变成
"bread" & "butter"
这意味着StringEscapeUtils.escapeHtml保留空格
如果从escapeHtml中删除了escaped = escaped.replaceAll(“”,“& nbsp;”);“,则未转义和myUnescaped匹配!
标签:java,stringescapeutils 来源: https://codeday.me/bug/20191031/1971972.html