htmlEditFormat

Encodes the input string for safe output in the body of a HTML tag.

The encoding in meant to mitigate Cross Site Scripting (XSS) attacks. This function can provide more protection from XSS than the HTMLEditFormat or XMLFormat functions do.

Method Signature

htmlEditFormat(string=[string], canonicalize=[boolean])

Arguments

Examples

Related

• ApplicationRestart

• ApplicationStartTime

• ApplicationStop

• BoxAnnounce

• BoxAnnounceAsync

• BoxRegisterInterceptor

• BoxRegisterRequestInterceptor

• CallStackGet

• CreateGUID

• CreateObject

• CreateUUID

• DE

• DebugBoxContexts

• Dump

• Duplicate

• echo

• EncodeForHTML

• GetApplicationMetadata

• GetBaseTagData

• GetBaseTagList

• GetBaseTemplatePath

• GetBoxContext

• GetBoxRuntime

• GetBoxVersionInfo

• GetClassMetadata

• GetComponentList

• GetContextRoot

• GetCurrentTemplatePath

• GetFileFromPath

• GetFunctionCalledName

• GetFunctionList

• GetModuleInfo

• GetModuleList

• GetRequestClassLoader

• GetSystemSetting

• GetTempDirectory

• GetTickCount

• IIF

• Invoke

• IsInstanceOf

• JavaCast

• ObjectDeserialize

• ObjectSerialize

• PagePoolClear

• Print

• Println

• RunThreadInContext

• SessionInvalidate

• SessionRotate

• SessionStartTime

• Sleep

• SystemCacheClear

• SystemExecute

• SystemOutput

• Throw

• Trace

• URLDecode

• URLEncodedFormat

• writeDump

• WriteLog

• WriteOutput