开发者

Escaping ampersands input by users through text fields?

开发者 https://www.devze.com 2022-12-08 13:05 出处：网络

Like almost all apps today, I have users who enter various information through standard text inputs.My app is running on Rails.

相关专题：escaping user-input validation xhtml

Like almost all apps today, I have users who enter various information through standard text inputs. My app is running on Rails.

It's a no-brainer to escape ampersands that I include as part of the site copy, etc. But how do I escape an ampersand that is dynamically input by a user? Currently, it开发者_C百科's breaking my frontend validation.

When you display the values you need to replace certain characters with HTML entities. Those characters are:

& : &amp;
< : &lt;
> : &gt;
" : &quot;

Perhaps there is a HtmlEncode function that you can use for that, otherwise you can use plain string operations. Pseudo code:

output replace(replace(replace(replace(text, "&", "&amp"), "<", "&lt;"), ">", "&gt;", """", "&quot;")

Edit:
I found that you can use the html_escape() function:

<%=html_escape @text%>

Or short:

<%=h @text%>

上一篇:淋过的雨歌词？

唯品会怎么买省钱月卡？:下一篇

精彩评论

暂无评论...

登录注册

请自觉遵守互联网相关的政策法规，严禁发布色情、暴力、反动的言论！

验证码：

换一张

取消

关注公众号

图文推荐

Delphi - Custom drawing a message list

C++ header-only include pattern

IE7 Margin Collapses Into Padding

in CoffeeScript, how can I use a variable as a key in a hash?

Interactive visualization of a graph in python [closed]

How to customise PHP MYSQL tables?

High quality, simple random password generator

Image Recognition ApI in android

开发者开发者网给大家分享系统运维,大数据运维,云计算,编程开发技巧,路由交换,运维和开发相关的资讯及技术文章，同时StackOverflow中文社区，知识经验交流分享。

法律声明：本站内容均为网友上传，网站举办方负责审核和监督，如存在版权或非法内容，欢迎举报，我们将尽快予以删除。邮箱：devze@qq.com

Escaping ampersands input by users through text fields?

更多 问答 相关资讯：

精彩评论

关注公众号

热门标签

图文推荐

更多问答相关资讯：