getSafeHTML

Sanitizes HTML using AntiSamy policy rules.

getSafeHTML(inputString [, PolicyFile, throwOnError]) → returns Any

This function requires Adobe ColdFusion 11 and up. Not supported on Lucee, OpenBD, etc.

Argument Reference for the getSafeHTML function

inputString

Required: Yes
String to be sanitized

PolicyFile

Required: No
File path for a custom AntiSamy policy file. The policy can also be defined in the application scope; if it is not defined, the ColdFusion server default is used.

throwOnError

Required: No
If true, an error is thrown; otherwise an empty string is returned.

Examples sample code invoking the getSafeHTML function


Application setting demo

The AntiSamy policy file can be set in the application scope (Application.cfc):


<cfcomponent>
  <cfset this.security.antisamypolicy = "antisamy.xml">
</cfcomponent>

Usage

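Demonstrates usage with an empty PolicyFile argument and throwOnError set to true. inputHTML is a variable holding the HTML to sanitize.

<cfset SafeHTML = getSafeHTML(inputHTML, "", true)>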
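An added example, not from the original page or from Adobe: a hypothetical `sanitizeUserHtml` helper that calls getSafeHTML with throwOnError set to true, so that a sanitization error is logged and the input is rendered as encoded plain text rather than being replaced by an empty string. The function name, the `antisamy` log file name and the sample input are assumptions.

```cfml
<cfscript>
// Hypothetical helper (not part of ColdFusion): sanitize untrusted HTML and
// fail closed when getSafeHTML throws.
function sanitizeUserHtml(required string rawHtml) {
    try {
        // Empty policyFile, as in the usage above. Assumption: this selects the
        // application-scope policy if one is set, else the server default.
        return getSafeHTML(arguments.rawHtml, "", true);
    } catch (any e) {
        // Record the failure with the input length and the error message.
        writeLog(
            text = "getSafeHTML failed for input of #len(arguments.rawHtml)# chars: #e.message#",
            type = "warning",
            file = "antisamy"
        );
        // Fall back to plain text: all markup is encoded, none of it is rendered.
        return encodeForHTML(arguments.rawHtml);
    }
}

// Constructed sample input: benign formatting plus a script element.
sample = '<p>Hello <b>world</b></p><script>alert(1)</script>';
writeOutput(sanitizeUserHtml(sample));
</cfscript>
```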
