String name = …String attribute = …String xml = "
"+""; "+ name +""+
Many beginners are tempted to create an XML file like the one listed above using String operations because it is easier, but this approach fails to escape reserved characters. If one of the variable name or attribute contain any of the reserved characters <,>,&, ” or ‘ the result would be invalid.
The solution would be that the XML should be assembled in a DOM, using the JDom library, like this:
Element root = new Element("root");Root.setAttribute("attribute", attribute);Root.setText(name);Document doc = new Document();doc.setRootElement(root);XMLOutputter out = new XMLOutputter(Format.getPrettyFormat());String xml = out.outputString(root);