From 3bfe4dcca7ec9e6b2bb2e21a5d5b7c6737f60216 Mon Sep 17 00:00:00 2001
From: Juergen Hoeller <jhoeller@vmware.com>
Date: Tue, 30 Dec 2014 15:01:20 +0100
Subject: [PATCH] Switch responseEncodedHtmlEscape default to true

Issue: SPR-12369
---
 .../springframework/web/servlet/support/RequestContext.java | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/spring-webmvc/src/main/java/org/springframework/web/servlet/support/RequestContext.java b/spring-webmvc/src/main/java/org/springframework/web/servlet/support/RequestContext.java
index 0d4bb2227b..71309b5170 100644
--- a/spring-webmvc/src/main/java/org/springframework/web/servlet/support/RequestContext.java
+++ b/spring-webmvc/src/main/java/org/springframework/web/servlet/support/RequestContext.java
@@ -265,6 +265,8 @@ public class RequestContext {
 		// context-param in web.xml, if any.
 		this.defaultHtmlEscape = WebUtils.getDefaultHtmlEscape(this.webApplicationContext.getServletContext());
 
+		// Determine response-encoded HTML escape setting from the "responseEncodedHtmlEscape"
+		// context-param in web.xml, if any.
 		this.responseEncodedHtmlEscape = WebUtils.getResponseEncodedHtmlEscape(this.webApplicationContext.getServletContext());
 
 		this.urlPathHelper = new UrlPathHelper();
@@ -491,11 +493,11 @@ public class RequestContext {
 	/**
 	 * Is HTML escaping using the response encoding by default?
 	 * If enabled, only XML markup significant characters will be escaped with UTF-* encodings.
-	 * <p>Falls back to {@code false} in case of no explicit default given.
+	 * <p>Falls back to {@code true} in case of no explicit default given, as of Spring 4.2.
 	 * @since 4.1.2
 	 */
 	public boolean isResponseEncodedHtmlEscape() {
-		return (this.responseEncodedHtmlEscape != null && this.responseEncodedHtmlEscape.booleanValue());
+		return (this.responseEncodedHtmlEscape == null || this.responseEncodedHtmlEscape.booleanValue());
 	}
 
 	/**