How to escape HTML in Java

In Java, we can use Apache commons-text, StringEscapeUtils.escapeHtml4(str) to escape HTML characters.

pom.xml

  <dependency>
      <groupId>org.apache.commons</groupId>
      <artifactId>commons-text</artifactId>
      <version>1.8</version>
  </dependency>
JavaEscapeHtmlExample.java

package com.mkyong.html;

// make sure import the correct commons-text package
import org.apache.commons.text.StringEscapeUtils;

// @deprecated as of 3.6, use commons-text StringEscapeUtils instead
//import org.apache.commons.lang3.StringEscapeUtils;

public class JavaEscapeHtmlExample {

    public static void main(String[] args) {

        String html = "<h1> hello & world</h1>";

        String output = StringEscapeUtils.escapeHtml4(html);

        System.out.println(output);

    }
}

Output


&lt;h1&gt; hello &amp; world&lt;/h1&gt;

Note
In the old days, we usually use the Apache commons-lang3, StringEscapeUtils class to escape HTML, but this class is deprecated as of 3.6.


// @deprecated as of 3.6, use commons-text
import org.apache.commons.lang3.StringEscapeUtils;

org.apache.commons.lang3.StringEscapeUtils is deprecated

References

About the Author

author image
mkyong
Founder of Mkyong.com, love Java and open source stuff. Follow him on Twitter. If you like my tutorials, consider make a donation to these charities.

Comments

avatar