<h:outputtext> prints HTML as-is instead of actual HTML [duplicate]

Asked 9/5, 2012 at 13:32 Answered 12/5, 2016 at 16:33

I am using JSF 1.2

I am trying to print text using <h:outputtext>

<h:outputText id="warningDose" styleClass="redText" value="#{templatePrescriptionMaintenanceBackingBean.doseWarningText}"></h:outputText>

Now this variable contains text with html tags. <b>,<i> etc...

But that displays content as it is instead of actual bold or italic html output.

Is there any way we can make this <h:outputText> such that it gives html response?

Sheriff answered 9/5, 2012 at 13:32 Comment(0)

You should set in the h:outputText tag:

escape="false"

But remember that mixing "view" construction (i.e., creating a string with HTML tags) between the JSF view page and the underlying bean is kinda bad practice. All the "view production" should be in the view page.

Droopy answered 9/5, 2012 at 13:57 Comment(8)

Why exactly is it a bad practice? Could you please further elaborate on that? Even if I have full control over the generated HTML code? – Lumber 14/11, 2014 at 13:38

@Lumber for the same reason why MVC is a good practice. It allows you to do views using view specific language (e.g. html, fragments, freemarker etc) and keeps the model unaware of different representations . Sometimes it might be more convenient to create view specific 'models' and do it in Java, but generally this is ideally avoided as Java is not appropriate (and code usually looks pretty ugly) for describing views. Hope it makes sense. – Scyphus 1/4, 2015 at 4:52

Thanks @Stef. Once I was forced to output HTML in a unescaped h:outputText in the cells of a grid, couldn't make a facelet because the page had been badly designed and I wasn't allowed to redesign it (CSS styles were applied by component ids, yuck!), so ids would be duplicated and the page would blow up. Thanks. – Lumber 1/4, 2015 at 13:49

@jpangamarca, guess you were not allowed to change the CSS as otherwise you'd have been able to change it. Yep, that should never be the case. The view logic should always be in HTML or the like. I've seen many times view specific logic in Java as it feels easier sometimes, but it almost always comes back at you later in the life of that product when e.g. you want to do internationalization or just want to show specific data differently for a different client e.g. – Scyphus 24/4, 2015 at 22:0

What exactly is the reason for this to be a bad habbit? I have a case where the user of the web app is allowed to create HTML enhanced pages for the CMS. He has a WYSIWYG-editor for the pages and the content is stored "as is" into a LONGBLOB. Is that now bad habbit or an exception to break the MVC idea? – Disqualify 21/2, 2016 at 4:37

@Socrates: mixing view and model/control should be the last resort. Of course if the user has the opportunity to "inject" directly HTML into the page, there's nothing to do about it. But you (developer) should not write HTML in the model/control classes. You simply pass that Longblob to the view, and it's up to the view page to resolve it (by marking the outputText with escape=false, for example). That way, the app still responds to the MVC pattern, as the 3 elements are separed (the control doesn't make any operation on the injected HTML; it doesn't even know it's HTML). – Droopy 22/2, 2016 at 9:2

@Droopy Ok, understood. Therefore, indeed an exception for the CMS HTML. But isn't it breaking the MVC when passing commands from the Controller to the View? Like with: DefaultMenuItem.setCommand("#{myBean.doSomething()}")? This is basically the Controller telling the View to access the Controller again. Isn't that breaking the MVC pattern? – Disqualify 22/2, 2016 at 9:47

@Socrates: in my opinion, no. :) I might be contradicted by someone more experienced, but as long as you keep the logic out of the view, and the markup out of the controller, you aren't breaking MVC pattern. So, if you inject HTML in the view through the controller, but you "don't know" it's HTML (such as in your case, where the markup is hidden in a clob), I think it's fine. Otherwise most of actual framework implementing MVC pattern were broken... :) from the page, it's quite usual to access something exposed by the controller. – Droopy 22/2, 2016 at 16:0

Just set it to not escape.

<h:outputText id="warningDose" escape="false" styleClass="redText" value="#{templatePrescriptionMaintenanceBackingBean.doseWarningText}"></h:outputText>

Bradberry answered 9/5, 2012 at 13:51 Comment(0)

I had a very similar problem. My question is here

My xhtml page looks like -

<h:outputText  itemEscaped="false" escape="false"    value="#{singleViewResultDO.associatedCode}" />

associatedCode is getting value from a SQL query where I want to use HTML tag to have conditional styling.

Here is my SQL query looks like:

Select A, REPLACE(Wm_Concat(DISTINCT  CASE WHEN sv.rmvd = 0 THEN  ' '||sv.CMPNION_CD  ELSE '<span style=\"color:red; \">' || ' '||sv.CMPNION_CD|| '</span>' END),' , ','') ,  "
from Table

Ignore REPLACE and WM_CONCAT as it is for displaying comma separated values. The piece of code relevant is

CASE WHEN sv.rmvd = 0 THEN  ' '||sv.CMPNION_CD  ELSE '<span style=\"color:red; \">' || ' '||sv.CMPNION_CD|| '</span>' END

I want to have tag based on a condition rmvd = 0.. Since, I have escape="false" in my , I don't need to escape my html tags in query. What I mean is no need to convert < to < > to > and " to "

Also note that since I have double quotes "" in my span, I need to escape it once so it won't be escaped when it reaches .

I am getting my output as desired - 8000778 in red color

Negation answered 12/5, 2016 at 16:33 Comment(0)

Recommended topics

Hot tags