How to stop html textarea from interpreting html entities into their characters

Question

I have an html textarea that is used to display a string from a database. The textarea can be edited and any changes are saved to the database.

The problem is that when it recieves entities ® in a string it converts them into their characters, and then when the text is saved the characters overwrite the entities. For example: The database would return the string Microsoft® which would be displayed as Microsoft®, and then saved that way. Is there a way to force textareas to not interpret entities?

Follow up: my thought right now is to, on getting the string from the database replace all '&' with '&'. But I'm still wondering if there is a way to stop textareas from converting the strings they recieve.

Answer 1

So you want to escape HTML entities? You can use either JSTL <c:out> or fn:escapeXml().

<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
...
<textarea><c:out value="${bean.text}" /></textarea>

or

<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
...
<textarea>${fn:escapeXml(bean.text)}</textarea>

It will by default escape under each & to & so that for example ® ends up to become ® and this way it will be displayed as ®.