diff --git a/src/main/java/org/example/NewUserProfileController.java b/src/main/java/org/example/NewUserProfileController.java
new file mode 100644
index 0000000..1e18467
--- /dev/null
+++ b/src/main/java/org/example/NewUserProfileController.java
@@ -0,0 +1,173 @@
+package org.example;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.util.HtmlUtils;
+
+@Controller
+@RequestMapping("/new")
+public class NewUserProfileController {
+
+ // Display user profile with custom message
+ @GetMapping("/profile/display")
+ @ResponseBody
+ public String displayUserProfile(
+ @RequestParam(defaultValue = "Welcome") String message) {
+ // Direct output without escaping
+ return "Profile Message: " + message + "
";
+ }
+
+ // Display user profile with escaped message
+ @GetMapping("/profile/secureDisplay")
+ @ResponseBody
+ public String displaySecureUserProfile(
+ @RequestParam(defaultValue = "Welcome") String message) {
+ // Properly escaped output
+ return "Profile Message: " +
+ HtmlUtils.htmlEscape(message) + "
";
+ }
+
+ // Display user status with local variable assignment
+ @GetMapping("/profile/status")
+ @ResponseBody
+ public String displayUserStatus(
+ @RequestParam(defaultValue = "Active") String message) {
+ // Assign to local variable
+ String htmlContent = "User Status: " +
+ message + "
";
+ return htmlContent;
+ }
+
+ // Display escaped user status with local variable assignment
+ @GetMapping("/profile/secureStatus")
+ @ResponseBody
+ public String displaySecureUserStatus(
+ @RequestParam(defaultValue = "Active") String message) {
+ // Assign to local variable
+ String htmlContent = "User Status: " +
+ HtmlUtils.htmlEscape(message) + "
";
+ return htmlContent;
+ }
+
+ // Generate user dashboard with escaped greeting
+ @GetMapping("/dashboard/greeting")
+ @ResponseBody
+ public String generateDashboard(
+ @RequestParam(defaultValue = "Welcome") String greeting) {
+ String htmlContent = buildDashboardContent(greeting);
+ return htmlContent;
+ }
+
+ private static String buildDashboardContent(String greeting) {
+ // Generate dashboard HTML content
+ return "Dashboard: " + greeting + "
";
+ }
+
+ // Generate user dashboard with custom greeting
+ @GetMapping("/dashboard/secureGreeting")
+ @ResponseBody
+ public String generateSecureDashboard(
+ @RequestParam(defaultValue = "Welcome") String greeting) {
+ String htmlContent = buildSecureDashboardContent(greeting);
+ return htmlContent;
+ }
+
+ private static String buildSecureDashboardContent(String greeting) {
+ // Generate dashboard HTML content with escaped greeting
+ return "Dashboard: " +
+ HtmlUtils.htmlEscape(greeting) + "
";
+ }
+
+ // Generate message template
+ @GetMapping("/notifications/template")
+ @ResponseBody
+ public String generateTemplate(
+ @RequestParam(defaultValue = "New Message") String content) {
+ Profile.MessageTemplate template = new Profile.MessageTemplate(content);
+ // Return nested content
+ return template.body.content.text;
+ }
+
+ // Generate message template
+ @GetMapping("/notifications/secureTemplate")
+ @ResponseBody
+ public String generateSecureTemplate(
+ @RequestParam(defaultValue = "New Message") String content) {
+ Profile.MessageTemplate template = new Profile.MessageTemplate(content);
+ // Return nested escaped content
+ return template.body.content.secureText;
+ }
+
+ // Generate user notification with complex data structure
+ @GetMapping("/notifications/generate")
+ @ResponseBody
+ public String generateNotification(
+ @RequestParam(defaultValue = "New Message") String content) {
+ // Create user profile with nested message structure using constructors
+ Profile.UserProfile profile = new Profile.UserProfile(content);
+
+ // Return nested content
+ return profile.settings.config.template.body.content.text;
+ }
+
+ // Generate user notification with complex data structure
+ @GetMapping("/notifications/secureGenerate")
+ @ResponseBody
+ public String generateSecureNotification(
+ @RequestParam(defaultValue = "New Message") String content) {
+ // Create user profile with nested message structure using constructors
+ Profile.UserProfile profile = new Profile.UserProfile(content);
+
+ // Return nested content
+ return profile.settings.config.template.body.content.secureText;
+ }
+
+ // Display custom message
+ @GetMapping("/message/display")
+ @ResponseBody
+ public String displayMessage(
+ @RequestParam(defaultValue = "Welcome") String message) {
+ // Construct a page using a chain of builders
+ String page = new HtmlPageBuilder().message(message).buildPage();
+
+ return page;
+ }
+
+ // Display custom message
+ @GetMapping("/message/secureDisplay")
+ @ResponseBody
+ public String displaySecureMessage(
+ @RequestParam(defaultValue = "Welcome") String message) {
+ // Construct a page using a chain of builders
+ String page = new HtmlPageBuilder().message(message).escape().buildPage();
+
+ return page;
+ }
+
+ // Display formatted message
+ @GetMapping("/message/format")
+ @ResponseBody
+ public String formatMessage(
+ @RequestParam(defaultValue = "Welcome") String message) {
+ // Construct a page using a formatter as a parameter for a chain of builders
+ String page = new HtmlPageBuilder().message(message)
+ .format(new DefaultFormatter()).buildPage();
+
+ return page;
+ }
+
+ // Display escaped message
+ @GetMapping("/message/escape")
+ @ResponseBody
+ public String escapeMessage(
+ @RequestParam(defaultValue = "Welcome") String message) {
+ // Construct a page using a formatter as a parameter for a chain of builders
+ String page = new HtmlPageBuilder().message(message)
+ .format(new EscapeFormatter()).buildPage();
+
+ return page;
+ }
+}