在servlet中将<>转化成&lt&gt的函数是什么

我也想知道,若没有的话可以用以下FUNCTION
String toHtml(String str)
{
while(str.indexOf('<')>=0)
   {
   intpos = str.indexOf('<');
   str = str.substring(0,intpos) + '&lt' + str.substring(intpos +1);
   }
while(str.indexOf('>')>=0)
   {
   intpos = str.indexOf('>');
   str = str.substring(0,intpos) + '&gt' + str.substring(intpos +1);
   }
while(str.indexOf('&')>=0)
   {
   intpos = str.indexOf('&');
   str = str.substring(0,intpos) + '%26' + str.substring(intpos +1);
   }
   while(str.indexOf('?')>=0)
   {
   intpos = str.indexOf('?');
   str = str.substring(0,intpos) + '%3F' + str.substring(intpos +1);
   }
   while(str.indexOf('\n')>=0)
   {
   intpos = str.indexOf('\n');
   str = str.substring(0,intpos -1) + '<br>' + str.substring(intpos +1);
   }
   return str;
}

解决方案 »

免费领取超大流量手机卡，每月29元包185G流量+100分钟通话, 中国电信官方发货

Thank u first of all,but i have a better method ,u may use  Class StringBuffer ,it can insert or append a char to a string,And  as u say u must list all of invalid code,in that way the number is too much,I think u can regard 'a-z',"a-z","0-9" as valid code,and others are invalid codes.
by the way ,u can see
http://www.rgagnon.com/javadetails/java-0306.html
good luck!
If u have other good solutions of Cross Site Scripting please tell me,thank u
Thank you, I think your program and the follow encode function will be a good solution.import java.net.URLEncoder;
class Test1
{
public static void main(String[] args)
{
System.out.println (URLEncoder.encode("sfds%&^(*&"));
}
}