Lucee Function Reference
encodeforhtml()
Encodes the given string for safe output in HTML to reduce the risk of Cross Site Scripting attacks.
Beispiel
encodeforhtml(string string,[boolean canonicalize]):string
Kategorie
encode,ESAPI,HTML
Argumente
Die Argumente für diese Funktion sind fest vorgegeben. Ausser den nachfolgenden Argumenten dürfen keine weiteren verwendet werden.
Name | Typ | Required | Default Value | Beschreibung |
---|---|---|---|---|
string | string | Yes | string to encode | |
canonicalize | boolean | No | false |
If set to true, canonicalization happens before encoding. If set to false, the given input string will just be encoded. The default value for canonicalize is false. When this parameter is not specified, canonicalization will not happen. By default, when canonicalization is performed, both mixed and multiple encodings will be allowed. To use any other combinations you should canonicalize using canonicalize method and then do encoding.
Eingeführt in version: 5.0.0.0 |