Skip to content


Updated pdexter 2022-10-22

Function to encode variables of unknown value, to ensure that script injection does not occur.

This should be used for all cases where a value to be displayed in rendered html is not explicitly defined in the code. It may have been sourced from a data query result.

This function has been built into JayRule (Jealous Jerboa) and later; if not there, please advise JayRule author.


value = ft3.htmlEncode(rawValue);

Part Description
rawValue the value to be converted to encoded html


var rawValue = `Jim Jones <script>alert("you shouldn't see this popup");</script>`;

var html = ft3.htmlEncode(rawValue);
// returns "Jim Jones &lt;script&gt;alert(&#34;you shouldn&#39;t see this popup&#34;);&lt;/script&gt;"