encodeForJavaScript

Encodes the inputString for safe output within JavaScript code. The encoding in meant to mitigate Cross Site Scripting (XSS) attacks. This function can provide more protection from XSS than JSStringFormat does.

encodeForJavaScript(inputString [, canonicalize]) → returns String

Argument Reference for the encodeForJavaScript function

inputString

Required: Yes
A string to encode

canonicalize

Required: No
When true runs the canonicalize function against the input before encoding. This argument is not supported on Lucee.

Links more information about encodeForJavaScript

Examples sample code invoking the encodeForJavaScript function


Simple encodeForJavaScript Example

encodeForJavaScript("foo()")

Expected Result: foo\x28\x29


Fork me on GitHub