- In Email - Content-Type: text/plain; charset="UTF-8"
- In Client/Web page - set encoding using the following (ordered from highest to lowest priority of browsers):
1) charset parameter on HTTP Content-Type response header from server
Content-Type: text/plain; charset=UTF-8
2) charset on meta tag/element of HTML response
<html> <head> <!-- meta tag must be the very first thing in the <head> section because when encountered by the browser it stops parsing the page and reinterpretes it --> <!-- charset attribute was introduced on HTML5 and is more recommended to use --> <meta charset="UTF-8"> <!-- use http-equiv attribute for HTML versions lower than HTML5 --> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- In Spring, to specify the encdoing to be usd in decoding form data - add filter for encoding
<filter> <filter-name>EncodingFilter</filter-name> <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> <init-param> <param-name>forceEncoding</param-name> <param-value>true</param-value> </init-param> </filter>
More on specifying encoding: http://stackoverflow.com/questions/138948/how-to-get-utf-8-working-in-java-webapps
Possible consequence of not specifying encoding:
- Security issue - Sample: Google's XSS issue with UTF-7, read http://nedbatchelder.com/blog/200704/xss_with_utf7.html for explanation
No comments:
Post a Comment