Company | Newzulu Platform | Developer

Developer Template Documentation v4.12.4.15

fm:HTMLSanitizer


This component is used to manipulate HTML. It can be used to make HTML a user enters safe to display, avoiding various potential security issues. Another use is to easily show raw HTML code on a page to allow a user to copy and paste the code into other sites.

Example of escaping

Copy and paste this code into your own site to support us: <fm:HTMLSanitizer mode="escape"> <a href="http://www.example.org">Visit our sponsor</a> </fm:HTMLSanitizer>

Result

<a href="http://www.example.org">Visit our sponsor</a>

Example of sanitizing

<fm:HTMLSanitizer> <script type="text/javascript">This is evil code and will be removed</script> <p><b><i>The tag order here is messed up and will be fixed</p></b> <br> <br> The previous breaks didn't contain the /, which is required in XHTML. This will also be fixed. </fm:HTMLSanitizer>

Result

<p><b><i>The tag order here is messed up and will be fixed</i></b></p> <br /><br /> The previous breaks didn't contain the /, which is required in XHTML. This will also be fixed.

Supported attributes

NameRequiredDefaultDescription
modeOptionalsanitizeWhether to sanitize or escape the content. Valid values are "sanitize" and "escape".
trimOptionalWhen set to anything but empty this will remove all whitespace. This defaults to being off.
<< 3.2.23 fm:GroupList 3.2.25 fm:If >>