function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

HTML constructed in Apex Class is being safe-encoded!

I am trying to use an Apex Class to dynanamically construct HTML in my company's web page.  The example below makes a good simplified example:



Apex Class:

public with sharing class web_controller_test {


  public String myString = '<a href="">Google</a>';


public String getNavString() {

return myString;

} Page:


<apex:page controller="web_controller_test" standardStyleSheets="false" sidebar="false" showHeader="false" title="Test Page">

<apex:outputPanel id="subnav">
<apex:repeat value="{!NavString}" var="navstring">



The Apex Class has one function that is supposed to return a link to Google.  The SF Sites page calls that function, and the link is supposed to be brought into page code.


Except it doesn't.  Instead of returning HTML, it returns the incorrect safe-encoded version:



Output - What the code spits out:

&lt;a href=""&gt;Google&lt;/a&gt;



This is what it's supposed to look like:



What it should REALLY look like:

<a href="">Google</a>


Does anyone know how to display the actual string, and not the escaped version?


~ Nick

Best Answer chosen by Admin (Salesforce Developers) 

Use an outputText component and set escape attribute to false

<apex:outputText escape="false" value="{!NavString}"/>