HTML
Functions
- DecodeForHtml()
Decodes the given encoded string.
- EncodeForHTML()
Encodes the given string for safe output in HTML to reduce the risk of Cross Site Scripting attacks.
- EncodeForHTMLAttribute()
Encodes the given string for safe output in HTML to reduce the risk of Cross Site Scripting attacks.
- ESAPIEncode()
Encodes the given string for safe output to reduce the risk of Cross Site Scripting attacks.
- HTMLCodeFormat()
Replaces special characters in a string with their HTML-escaped equivalents and inserts <pre> and </pre> tags at the beginning and end of the string. [version] HTML version to use; currently ignored. Values: -1: the latest implementation of HTML; 2.0: HTML 2.0 (Default); 3.2: HTML 3.2
- HTMLEditFormat()
Replaces special characters in a string with their HTML-escaped equivalents. [version] HTML version to use; currently ignored. Values: -1: the latest implementation of HTML; 2.0: HTML 2.0 (Default); 3.2: HTML 3.2; 4.0: HTML 4.0
- HtmlParse()
Parses the given HTML (not only XHTML) as an XML object. Works similarly to xmlParse, but this function is very forgiving with the syntax.
- ParagraphFormat()
Formats the carriage returns in a string as their HTML alternatives.
- SanitizeHtml()
Sanitizes unsafe HTML input and removes elements and attributes like JavaScript, onclick, etc. See also https://github.com/OWASP/java-html-sanitizer
Methods
- string.decodeForHTML()
Decodes the given encoded string.
- string.encodeForHTML()
Encodes the given string for safe output in HTML to reduce the risk of Cross Site Scripting attacks.
- string.encodeForHTMLAttribute()
Encodes the given string for safe output in HTML to reduce the risk of Cross Site Scripting attacks.
- string.paragraphFormat()
Formats the carriage returns in a string as their HTML alternatives.
- string.sanitizeHTML()
Sanitizes unsafe HTML input and removes elements and attributes like JavaScript, onclick, etc. See also https://github.com/OWASP/java-html-sanitizer