HTMLEditFormat

Adobe Community Help


Applies to

 

Note: Adobe recommends that you use the EncodeForHTML function, not the HTMLEditFormat function, to escape special characters in a string for use in HTML in all new applications.

THIS FUNCTION HAS BEEN DEPRECATED

Description

Replaces special characters in a string with their HTML-escaped equivalents.

Returns

HTML-escaped string string. Return characters are removed; line feed characters are preserved. Characters with special meanings in HTML are converted to HTML character entities such as >.

Category

Display and formatting functions

Function syntax

HTMLEditFormat(string [, version ])

See also

HTMLCodeFormatcfapplication

Parameters

Parameter

Description

string

A string or a variable that contains one.

version

HTML version to use; currently ignored.

  • -1: The latest implementation of HTML
  • 2.0: HTML 2.0 (default)
  • 3.2: HTML 3.2

Usage

This function converts the following characters to HTML character entities:

Text character

Encoding

<

<

>

>

&

&

"

"

This function can be used to help protect ColdFusion pages that return user-provided data to the client browser from cross-site scripting attacks. However, the scriptprotect attribute of the cfapplication tag or the equivalent This.scriptProtect variable setting in Application.cfc can be preferable in most instances, because you only need to specify it once for an application.This function typically increases the length of a string. This can cause unpredictable results when performing certain string functions (Left, Right, and Mid, for example) against the expanded string.The only difference between this function and HTMLCodeFormat is that HTMLCodeFormat surrounds the text in an HTML pre tag.

Example

<!--- This example shows the effects of HTMLCodeFormat and 
HTMLEditFormat. View it in your browser, then View it 
using your browser's the View Source command. ---> 
<cfset testString="This is a test 
& this is another 
<This text is in angle brackets> 

Previous line was blank!!!"> 

<cfoutput> 
<h3>The text without processing</h3> 
#testString#<br> 
<h3>Using HTMLCodeFormat</h3> 
#HTMLCodeFormat(testString)# 
<h3>Using HTMLEditFormat</h3> 
#HTMLEditFormat(testString)# 
</cfoutput>

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy

Choose your region    Products   Downloads   Learn & Support   Company

Copyright © 2016 Adobe Systems Incorporated. All rights reserved.

Terms of Use | Privacy | Cookies