How can i make part of a value in a h:outputText Bold?

Question

How can i make part of a value in a h:outputText Bold? i want the Name in bold:

<h:outputText value="Normal Text: #{Controller.Object.name}" />

i tried: <h:outputText value="Normal Text: <b>#{Controller.Object.name}</b>" />

got this error: "The value of attribute "value" associated with an element type "h:outputText" must not contain the '<' character." after some searches here and others pages, found that the attribute escape="false" could fix this... but doesn't make difference for me,

<h:outputText escape="false" value="Normal Text: <b>#{Controller.Object.name}</b>" />

still got the same error.

has anyone had this problem?

Answer 1

Do you really need <h:outputText>?

In Facelets you can just use EL in template text:

Normal Text: <b>#{Controller.Object.name}</b>

If you really insist in using <h:outputText>, then you should indeed manually escape the XML entities and display it with escape="false":

<h:outputText value="Normal Text: &lt;b&gt;#{Controller.Object.name}&lt;/b&gt;" escape="false" />

This not only reads uglier, but also puts a XSS attack hole open in case #{Controller.Object.name} is a client-controlled value.

See also:

• Is it suggested to use h:outputText for everything?
• CSRF, XSS and SQL Injection attack prevention in JSF