HTML/XML code will be escaped by default.
You can turn it off with the
escape
attribute.
Although the HTML code is not escaped, the text is not colored because the code is sanitzed.
"Sanitize" remove HTML/XML-Tags from a given string if not escaped. It can be configured in the tobago-config.xml.
If you want to write your own sanitizer, you have to implement
org.apache.myfaces.tobago.sanitizer.Sanitizer
.
Use
sanitize=never
to deactivate this.