1## OWASP JSP 2 3The OWASP JSP Encoder is a collection of high-performance low-overhead 4contextual encoders that, when utilized correctly, is an effective tool in 5preventing Web Application security vulnerabilities such as Cross-Site 6Scripting (XSS). 7 8Please see the [OWASP XSS Prevention Cheat Sheet](https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet) 9for more information on preventing XSS. 10 11### JSP Usage 12 13The JSP Encoder makes the use of the Java Encoder within JSP simple via a TLD that 14includes tags and a set of JSP EL functions: 15 16```xml 17<dependency> 18 <groupId>org.owasp.encoder</groupId> 19 <artifactId>encoder-jsp</artifactId> 20 <version>1.2.3</version> 21</dependency> 22``` 23 24```JSP 25<%@taglib prefix="e" uri="https://www.owasp.org/index.php/OWASP_Java_Encoder_Project" %> 26 27<%-- ... --%> 28 29<p>Dynamic data via EL: ${e:forHtml(param.value)}</p> 30<p>Dynamic data via tag: <e:forHtml value="${param.value}" /></p> 31``` 32