EncodeForHTML

Encodes the input string for safe output in the body of a HTML tag.

The encoding in meant to mitigate Cross Site Scripting (XSS) attacks. This function can provide more protection from XSS than the HTMLEditFormat or XMLFormat functions do.

Method Signature

EncodeForHTML(string=[string], canonicalize=[boolean])

Arguments

Argument

Type

Required

Description

Default

string

true

The string to encode.

canonicalize

boolean

true

If set to true, canonicalization happens before encoding. If set to false, the given input string will just be encoded.

false

Examples

Escapes the HTML characters

Run Example

htmlEditFormat( "This is a test & this is another <This text is in angle brackets> Previous line was blank!!!" );

Result: This is a test & this is another <This text is in angle brackets> Previous line was blank!!!

Additional Examples

Run Example

testString = "Hello !!!
<This text is inside of angle brackets>
This text is outside of angle brackets !!!";
writeoutput( testString );
writeoutput( "<h5>HTMLEditFormat</h5>" & HTMLEditFormat( testString ) );

Previousecho NextGetApplicationMetadata

Last updated 21 days ago

Was this helpful?

Method Signature

Arguments

Examples

Escapes the HTML characters

Additional Examples

Related