Template Escaper functions
These Modifiers are used so texts inserted into a template are encoded in a certain way; Most transports like XML have a list of characters to transfor to preserve their meaning.
X - HTML Encoding
uses StrEscAppend Mode 0
The relevant chars of the text is transformed into HTML-entities so they can be used by a client application. If you want to show the text “a<b” in a textarea it will become:
a<b
Characters escaped
| Char | Entity |
|---|---|
| < | < |
| > | > |
| & | & |
| ” | " |
| ' | ' |
H - HTML Encoding with linebreaks
uses StrEscAppend Mode 2
If the linewraps of your text should also be converted into HTML linebreaks, use this escaper.
a b
will become
a<br/>b
J - Ecma Script / JSON escaping
uses StrECMAEscAppend
Escapes all characters that have a meaning in Javascript strings; ' and \ are Protected (since webcit implicitely converts everything to utf-8, you don't need to take care of that):
'a\nb'
will become
\'a\\nb\'
K - Ecma + HTML escaping
uses StrHtmlEcmaEscAppend
Add html escaping to J; some Parsers are also vulnerable to other chars; use this to get rid of some more of the dangerous chars.
U - URL-Escaping
uses StrBufUrlescAppend
Transform all chars that have a meaning in HTTP-URLs into %HexCode; use this if you want to add encoded parameters
a b c
will become
a%20b%20c
Characters not escaped:
a-z A-Z 0-9 @!_.,: