Can SafeHtmlBuilder excapse SafeHtml while still keeping SafeHtml the way it is(GWT)?

Question

Here is my requirement. I have a textbox & user can type anything in the textbox and the system will convert it into html. However, it only converts <b> or <i> tag & ignore all other tags. The result of that text will be put into <h1> tag.

Ex, user typ in textbox: <h1>text <i>test</i></h1> it will out put:

<h1>text test</h1>

So if user types <h1> in the text box then the system should be smart enough to know that it should escape that <h1> but then it has to put <h1> to the final string.

The code could be like this. I use SimpleHtmlSanitizer to sanitize string & only allows <b> or <i>

SafeHtml mySafeHtml=MySimpleHtmlSanitizer.sanitizeHtml("<h1>text <i>test</i></h1>");

so, if i print out mySafeHtml, then it will show like this:

<h1>text test</h1>

But Then how to make that String embraced inside tag?

SafeHtmlBuilder builder = new SafeHtmlBuilder();
builder.appendHtmlConstant("<h1>");
builder.appendEscaped(mySafeHtml); // err here cos SafeHtmlBuilder does not excapse SafeHtml?
builder.appendHtmlConstant("</h1>");

So how to solve my problem?

Answer 1

My take on this would be something like this, why not check if your mySafeHtml starts with a <h1> and then conditionally append?

Example :

SafeHtmlBuilder builder = new SafeHtmlBuilder();

//check if your `mySafeHtml` starts and ends with <h1>

if(  (mySafeHtml.startsWith("<h1>") 
       || mySafeHtml.startsWith("<H1>"))
  && (mySafeHtml.endsWith("</h1>")
      || mySafeHtml.endsWith("</H1>"))
  )
{
    builder.appendEscaped(mySafeHtml); // err here cos SafeHtmlBuilder does not excapse 
}
else
{
   builder.appendHtmlConstant("<h1>");
   builder.appendEscaped(mySafeHtml); // err here cos SafeHtmlBuilder does not excapse  SafeHtml?
   builder.appendHtmlConstant("</h1>");
}