I want to read a parameter from my query string and display it in my JSP page.
e.g. "Results for your query JSP Query returned 10 results."
I am using the following JSP code to grab the parameter from my querystring
String queryStr = (String) request.getParameter("querystr");
I attempted to fix this by using:
URLEncoder.encode(queryStr);
e.g. Results for your search query
Your search for %3Cscript%3Ealert%28%22hello%22%29%3B%3C%2Fscript%3E returned 0 results.
Can anyone tell me how to prevent this from happening?
Thanks in advance.
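
Added example, not part of the original post: the parameter is being written into HTML, so it needs HTML escaping rather than URL encoding. The sketch below puts the two side by side in Java; the class name `HtmlEscapeDemo` and the method `escapeHtml` are hypothetical, and in a JSP the JSTL tag `<c:out value="${param.querystr}"/>` applies the same escaping.

```java
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;

// Added example (not from the original post). Class and method names are hypothetical.
public class HtmlEscapeDemo {

    // Escape the five characters that are significant in HTML text and
    // quoted attribute values, so the browser renders them as literal text.
    static String escapeHtml(String input) {
        if (input == null) {
            return "";
        }
        StringBuilder out = new StringBuilder(input.length() + 16);
        for (int i = 0; i < input.length(); i++) {
            char c = input.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    public static void main(String[] args) throws UnsupportedEncodingException {
        // Constructed sample: the decoded form of the query shown in the post.
        String queryStr = "<script>alert(\"hello\");</script>";

        // URL encoding is meant for building URLs; printed into a page it is unreadable.
        System.out.println("URL-encoded:  " + URLEncoder.encode(queryStr, "UTF-8"));

        // HTML escaping: the browser displays the original characters as plain text.
        System.out.println("HTML-escaped: " + escapeHtml(queryStr));

        // An ordinary query passes through unchanged.
        System.out.println("Your search for " + escapeHtml("JSP Query") + " returned 10 results.");
    }
}
```

This escaping covers HTML body text and quoted attribute values only; a value placed inside a script block or a URL needs the encoding for that context.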