Avoiding Disable Output Escaping

Suppose you want to construct a JSP page that contains:

<jsp:setProperty name="user" property="id"
                 value='<%= "id" + idValue %>'/>

Pick some otherwise unused Unicode characters to represent the character sequences that aren’t valid XML. For example, “«” for “<%=”, “»” for “%>”, and “·” for the explicit double quotes:

<jsp:setProperty name="user" property="id"
                 value='« ·id· + idValue »'/>
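
One way to turn those placeholders back into the JSP sequences is an XSLT 2.0 character map, which substitutes at serialization time. The stylesheet below is an added example, not code from the original page: it assumes an XSLT 2.0 processor, the standard JSP document namespace for the jsp prefix, and a map name ("jsp") chosen for illustration.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="2.0"
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
    xmlns:jsp="http://java.sun.com/JSP/Page">

  <!-- The map is applied only when the result tree is serialized,
       so the stylesheet and the result tree both stay well-formed XML. -->
  <xsl:output method="xml" omit-xml-declaration="yes"
              use-character-maps="jsp"/>

  <!-- Each replacement string is written out as-is, without escaping.
       Every occurrence of a mapped character in text or attribute values
       is replaced, so the placeholders must never occur in real data. -->
  <xsl:character-map name="jsp">
    <xsl:output-character character="«" string="&lt;%="/>
    <xsl:output-character character="»" string="%&gt;"/>
    <xsl:output-character character="·" string='"'/>
  </xsl:character-map>

  <!-- idValue is a name for the JSP engine to resolve later;
       XSLT treats the whole attribute value as literal text. -->
  <xsl:template match="/">
    <jsp:setProperty name="user" property="id"
                     value='« ·id· + idValue »'/>
  </xsl:template>

</xsl:stylesheet>
```

Characters that are not listed in the map are still escaped normally, so unescaped output is limited to the three placeholders. The serializer chooses the attribute delimiters itself, so inspect the serialized file rather than the result tree when checking the output.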