| java.lang.Object | ||||
| ↳ | TagSupport | |||
| ↳ | org.springframework.web.servlet.tags.RequestContextAwareTag | |||
| ↳ | org.springframework.web.servlet.tags.HtmlEscapingAwareTag | |||
| ↳ | org.springframework.web.servlet.tags.UrlTag | |||
Class Overview
JSP tag for creating URLs. Modeled after the JSTL c:url tag with backwards compatibility in mind.
Enhancements to the JSTL functionality include:
- URL encoded template URI variables
- HTML/XML escaping of URLs
- JavaScript escaping of URLs
Template URI variables are indicated in the 'value'
attribute and marked by braces '{variableName}'. The braces and attribute name are
replaced by the URL encoded value of a parameter defined with the spring:param tag
in the body of the url tag. If no parameter is available the literal value is
passed through. Params matched to template variables will not be added to the query
string.
Use of the spring:param tag for URI template variables is strongly recommended over direct EL substitution as the values are URL encoded. Failure to properly encode URL can leave an application vulnerable to XSS and other injection attacks.
URLs can be HTML/XML escaped by setting the 'htmlEscape' attribute to 'true'. Detects an HTML escaping setting, either on
this tag instance, the page level, or the web.xml level. The default
is 'false'. When setting the URL value into a variable, escaping is not recommended.
Example usage:
<spring:url value="/url/path/{variableName}">
<spring:param name="variableName" value="more than JSTL c:url" />
</spring:url>
Results in:
/currentApplicationContext/url/path/more%20than%20JSTL%20c%3Aurl
See Also
Summary
|
[Expand]
Inherited Constants | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
 From class
org.springframework.web.servlet.tags.RequestContextAwareTag
| |||||||||||
|
[Expand]
Inherited Fields | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
From class
org.springframework.web.servlet.tags.RequestContextAwareTag
| |||||||||||
| Public Constructors | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Callback hook for nested spring:param tags to pass their value
to the parent tag.
| |||||||||||
Called by doStartTag to perform the actual work.
| |||||||||||
Set the context path for the URL.
| |||||||||||
Set JavaScript escaping for this tag, as boolean value.
| |||||||||||
Set the scope to export the URL variable to.
| |||||||||||
Sets the value of the URL
| |||||||||||
Set the variable name to expose the URL under.
| |||||||||||
| Protected Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Build the query string from available parameters that have not already
been applied as template params.
| |||||||||||
Replace template markers in the URL matching available parameters.
| |||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
From class
org.springframework.web.servlet.tags.HtmlEscapingAwareTag
| |||||||||||
|
From class
org.springframework.web.servlet.tags.RequestContextAwareTag
| |||||||||||
|
From class
java.lang.Object
| |||||||||||
|
From interface
org.springframework.web.servlet.tags.ParamAware
| |||||||||||
Public Constructors
public UrlTag ()
Public Methods
public void addParam (Param param)
Callback hook for nested spring:param tags to pass their value to the parent tag.
Parameters
| param | the result of the nested spring:param tag
|
|---|
public int doEndTag ()
Throws
| JspException |
|---|
public int doStartTagInternal ()
Called by doStartTag to perform the actual work.
Returns
- same as TagSupport.doStartTag
Throws
| JspException |
|---|
public void setContext (String context)
Set the context path for the URL. Defaults to the current context
public void setJavaScriptEscape (String javaScriptEscape)
Set JavaScript escaping for this tag, as boolean value. Default is "false".
Throws
| JspException |
|---|
public void setScope (String scope)
Set the scope to export the URL variable to. This attribute has no meaning unless var is also defined.
public void setVar (String var)
Set the variable name to expose the URL under. Defaults to rendering the URL to the current JspWriter
Protected Methods
protected String createQueryString (List<Param> params, Set<String> usedParams, boolean includeQueryStringDelimiter)
Build the query string from available parameters that have not already been applied as template params.
The names and values of parameters are URL encoded.
Parameters
| params | the parameters to build the query string from |
|---|---|
| usedParams | set of parameter names that have been applied as template params |
| includeQueryStringDelimiter | true if the query string should start with a '?' instead of '&' |
Returns
- the query string
Throws
| JspException |
|---|
protected String replaceUriTemplateParams (String uri, List<Param> params, Set<String> usedParams)
Replace template markers in the URL matching available parameters. The name of matched parameters are added to the used parameters set.
Parameter values are URL encoded.
Parameters
| uri | the URL with template parameters to replace |
|---|---|
| params | parameters used to replace template markers |
| usedParams | set of template parameter names that have been replaced |
Returns
- the URL with template parameters replaced
Throws
| JspException |
|---|