
public static class SafeHtmlBuilder extends Object
StringBuilder; unlike a
StringBuilder, it automatically HTML-escapes appended input where
necessary.
In addition, it supports methods that allow strings with HTML markup to be
appended without escaping: One can append other SafeHtml objects, and
one can append constant strings. The method that appends constant strings
(appendHtmlConstant(String)) requires a convention of use to be
adhered to in order for this class to adhere to the contract required by
SafeHtml: The argument expression must be fully determined and known
to be safe at compile time, and the value of the argument must not contain
incomplete HTML tags. See appendHtmlConstant(String) for details.
The accumulated XSS-safe HTML can be obtained in the form of a
SafeHtml via the toSafeHtml() method.
This class is not thread-safe.
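The usage convention described above, shown as an added example (not code from this class's own documentation). It assumes the GWT package com.google.gwt.safehtml.shared and its appendEscaped(String), append(SafeHtml) and asString() methods, which are not named on this page; CommentRenderer and the sample comments are constructed for illustration.

```java
import com.google.gwt.safehtml.shared.SafeHtml;
import com.google.gwt.safehtml.shared.SafeHtmlBuilder;

public class CommentRenderer {

    // Renders one untrusted comment as a list item.
    static SafeHtml renderComment(String author, String body) {
        SafeHtmlBuilder sb = new SafeHtmlBuilder();
        // Markup: string literals only, each one made of complete tags.
        sb.appendHtmlConstant("<li class=\"comment\"><b>");
        // Untrusted text: escaped on append (assumed GWT method name).
        sb.appendEscaped(author);
        sb.appendHtmlConstant("</b>: ");
        sb.appendEscaped(body);
        sb.appendHtmlConstant("</li>");
        return sb.toSafeHtml();
    }

    // Composes already-safe fragments; a SafeHtml is appended without re-escaping.
    static SafeHtml renderList(String[][] comments) {
        SafeHtmlBuilder sb = new SafeHtmlBuilder();
        sb.appendHtmlConstant("<ul>");
        for (String[] c : comments) {
            sb.append(renderComment(c[0], c[1]));
        }
        sb.appendHtmlConstant("</ul>");
        return sb.toSafeHtml();
    }

    // Calls that break the convention and void the SafeHtml contract:
    //   sb.appendHtmlConstant("<b>" + author + "</b>");
    //       the argument is not determined at compile time
    //   sb.appendHtmlConstant("<a href=\"");
    //       the value ends inside an incomplete tag

    public static void main(String[] args) {
        // Constructed sample input: the second author contains markup.
        String[][] comments = {
            {"alice", "Looks good to me"},
            {"<script>alert(1)</script>", "a < b && c > d"}
        };
        System.out.println(renderList(comments).asString());
    }
}
```

Each builder here is local to one method call, which also keeps the example within the single-threaded use the class requires.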
Copyright © 2018. All rights reserved.