轮换HTML Code

替换HTML Code
JSP语言可以通过替换输出数据的特殊字符【& < > ” ’ ( )%+-】为其他表示形式后再输出给客户端，例如：

<%String OutStr = "<script>alert('XSS')</script>";OutStr = OutStr.replaceAll("&","&amp;");OutStr = OutStr.replaceAll("<","&lt;");OutStr = OutStr.replaceAll(">","&gt;");OutStr = OutStr.replaceAll(""","&quot;");OutStr = OutStr.replaceAll("\'","&#39;");OutStr = OutStr.replaceAll("\\(","&#40;");OutStr = OutStr.replaceAll("\\)","&#41;");OutStr = OutStr.replaceAll("%","&#37;");OutStr = OutStr.replaceAll("\\+","&#43;");OutStr = OutStr.replaceAll("-","&#45;");out.println(OutStr);%>