SafeHtmlBuilder (GWT Javadoc)

java.lang.Object
- com.google.gwt.safehtml.shared.SafeHtmlBuilder

```
public final class SafeHtmlBuilder
extends java.lang.Object
```
A builder that facilitates the building up of XSS-safe HTML from text snippets. It is used essentially like a StringBuilder; unlike a StringBuilder, it automatically HTML-escapes appended input where necessary.
In addition, it supports methods that allow strings with HTML markup to be appended without escaping: One can append other SafeHtml objects, and one can append constant strings. The method that appends constant strings (appendHtmlConstant(String)) requires a convention of use to be adhered to in order for this class to adhere to the contract required by SafeHtml: The argument expression must be fully determined and known to be safe at compile time, and the value of the argument must not contain incomplete HTML tags. See appendHtmlConstant(String) for details.
The accumulated XSS-safe HTML can be obtained in the form of a SafeHtml via the toSafeHtml() method.
This class is not thread-safe.

Constructor Summary

Constructors
Constructor and Description

SafeHtmlBuilder()
Constructs an empty SafeHtmlBuilder.

Constructors
Constructor and Description
`SafeHtmlBuilder()` Constructs an empty SafeHtmlBuilder.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`SafeHtmlBuilder`	`append(boolean b)` Appends the string representation of a boolean.
`SafeHtmlBuilder`	`append(byte num)` Appends the string representation of a number.
`SafeHtmlBuilder`	`append(char c)` Appends the string representation of a char.
`SafeHtmlBuilder`	`append(double num)` Appends the string representation of a number.
`SafeHtmlBuilder`	`append(float num)` Appends the string representation of a number.
`SafeHtmlBuilder`	`append(int num)` Appends the string representation of a number.
`SafeHtmlBuilder`	`append(long num)` Appends the string representation of a number.
`SafeHtmlBuilder`	`append(SafeHtml html)` Appends the contents of another `SafeHtml` object, without applying HTML-escaping to it.
`SafeHtmlBuilder`	`appendEscaped(java.lang.String text)` Appends a string after HTML-escaping it.
`SafeHtmlBuilder`	`appendEscapedLines(java.lang.String text)` Appends a string consisting of several newline-separated lines after HTML-escaping it.
`SafeHtmlBuilder`	`appendHtmlConstant(java.lang.String html)` Appends a compile-time-constant string, which will not be escaped.
`SafeHtml`	`toSafeHtml()` Returns the safe HTML accumulated in the builder as a `SafeHtml`.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SafeHtmlBuilder
```
public SafeHtmlBuilder()
```
    Constructs an empty SafeHtmlBuilder.
- Method Detail
  - append
```
public SafeHtmlBuilder append(boolean b)
```
    Appends the string representation of a boolean.
    
    Parameters:
    
    b - the boolean whose string representation to append
    
    Returns:
    
    a reference to this object
  - append
```
public SafeHtmlBuilder append(byte num)
```
    Appends the string representation of a number.
    
    Parameters:
    
    num - the number whose string representation to append
    
    Returns:
    
    a reference to this object
  - append
```
public SafeHtmlBuilder append(char c)
```
    Appends the string representation of a char.
    
    Parameters:
    
    c - the character whose string representation to append
    
    Returns:
    
    a reference to this object
    
    See Also:
    
    SafeHtmlUtils.htmlEscape(char)
  - append
```
public SafeHtmlBuilder append(double num)
```
    Appends the string representation of a number.
    
    Parameters:
    
    num - the number whose string representation to append
    
    Returns:
    
    a reference to this object
  - append
```
public SafeHtmlBuilder append(float num)
```
    Appends the string representation of a number.
    
    Parameters:
    
    num - the number whose string representation to append
    
    Returns:
    
    a reference to this object
  - append
```
public SafeHtmlBuilder append(int num)
```
    Appends the string representation of a number.
    
    Parameters:
    
    num - the number whose string representation to append
    
    Returns:
    
    a reference to this object
  - append
```
public SafeHtmlBuilder append(long num)
```
    Appends the string representation of a number.
    
    Parameters:
    
    num - the number whose string representation to append
    
    Returns:
    
    a reference to this object
  - append
```
public SafeHtmlBuilder append(SafeHtml html)
```
    Appends the contents of another SafeHtml object, without applying HTML-escaping to it.
    
    Parameters:
    
    html - the SafeHtml to append
    
    Returns:
    
    a reference to this object
  - appendEscaped
```
public SafeHtmlBuilder appendEscaped(java.lang.String text)
```
    Appends a string after HTML-escaping it.
    
    Parameters:
    
    text - the string to append
    
    Returns:
    
    a reference to this object
    
    See Also:
    
    SafeHtmlUtils.htmlEscape(String)
  - appendEscapedLines
```
public SafeHtmlBuilder appendEscapedLines(java.lang.String text)
```
    Appends a string consisting of several newline-separated lines after HTML-escaping it. Newlines in the original string are converted to <br> tags.
    
    Parameters:
    
    text - the string to append
    
    Returns:
    
    a reference to this object
    
    See Also:
    
    SafeHtmlUtils.htmlEscape(String)
  - appendHtmlConstant
```
public SafeHtmlBuilder appendHtmlConstant(java.lang.String html)
```
    Appends a compile-time-constant string, which will not be escaped.
    Important: For this class to be able to honor its contract as required by SafeHtml, all uses of this method must satisfy the following constraints:
    1. The argument expression must be fully determined at compile time.
    2. The value of the argument must end in "inner HTML" context and not contain incomplete HTML tags. I.e., the following is not a correct use of this method, because the <a> tag is incomplete:
      shb.appendHtmlConstant("<a href='").append(url)
    The first constraint provides a sufficient condition that the appended string (and any HTML markup contained in it) originates from a trusted source. The second constraint ensures the composability of SafeHtml values.
    When executing client-side in Development Mode, or server-side with assertions enabled, the argument is HTML-parsed and validated to satisfy the second constraint (the server-side check can also be enabled programmatically, see SafeHtmlHostedModeUtils.maybeCheckCompleteHtml(String) for details). For performance reasons, this check is not performed in prod mode on the client, and with assertions disabled on the server.
    Parameters:
    
    html - the HTML snippet to be appended
    
    Returns:
    
    a reference to this object
    
    Throws:
    
    java.lang.IllegalArgumentException - if not running in prod mode and html violates the second constraint
  - toSafeHtml
```
public SafeHtml toSafeHtml()
```
    Returns the safe HTML accumulated in the builder as a SafeHtml.
    
    Returns:
    
    a SafeHtml instance

Class SafeHtmlBuilder

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

SafeHtmlBuilder

Method Detail

append

append

append

append

append

append

append

append

appendEscaped

appendEscapedLines

appendHtmlConstant

toSafeHtml