html转义文本---HttpServletRequest对象增强

在表单提交文本时，文本内容本身可能就是一段html格式内容，因此要是不做转义直接显示在网页上时，将会被当做一段html文本进行显示，这就和本身提交的内容不符，因此可以对request对象进行增强，是提交的数据按其原格式进行显示。下面是个MyHtmlRequest包装类，其中filter方法是tomcat中HtmlFilter.java里的一段源码。

public class MyHtmlRequest extends HttpServletRequestWrapper {private HttpServletRequest request;public MyHtmlRequest(HttpServletRequest request) {super(request);// TODO Auto-generated constructor stubthis.request = request;} /* (non-Javadoc) * @see javax.servlet.ServletRequestWrapper#getParameter(java.lang.String) */@Overridepublic String getParameter(String name) {// TODO Auto-generated method stubString value = request.getParameter(name);if(value==null){return null;}return filter(value);}public String filter(String message) {        if (message == null)            return (null);        char content[] = new char[message.length()];        message.getChars(0, message.length(), content, 0);        StringBuilder result = new StringBuilder(content.length + 50);        for (int i = 0; i < content.length; i++) {            switch (content[i]) {            case '<':                result.append("<");                break;            case '>':                result.append(">");                break;            case '&':                result.append("&");                break;            case '"':                result.append(""");                break;            default:                result.append(content[i]);            }        }        return (result.toString());    }}

Filter：

@Overridepublic void doFilter(ServletRequest req, ServletResponse resp,FilterChain chain) throws IOException, ServletException {// TODO Auto-generated method stubHttpServletRequest request = (HttpServletRequest)req;HttpServletResponse response = (HttpServletResponse)resp;MyHtmlRequest myReq = new MyHtmlRequest(request);chain.doFilter(myReq, response);}