htmlEncode
Updated pdexter 2022-10-22
Function to encode variables of unknown value, to ensure that script injection does not occur.
This should be used for all cases where a value to be displayed in rendered html is not explicitly defined in the code. It may have been sourced from a data query result.
This function has been built into JayRule (Jealous Jerboa) and later; if not there, please advise JayRule author.
Syntax
value = ft3.htmlEncode(rawValue);
Part | Description |
---|---|
rawValue | the value to be converted to encoded html |
Example
var rawValue = `Jim Jones <script>alert("you shouldn't see this popup");</script>`;
var html = ft3.htmlEncode(rawValue);
// returns "Jim Jones <script>alert("you shouldn't see this popup");</script>"