getSafeHTML

Sanitizes HTML using AntiSamy policy rules.

getSafeHTML(inputString [, PolicyFile, throwOnError]) → returns any

This function requires Adobe ColdFusion 11 and up. Not supported on Lucee, etc.

Argument Reference

inputString string
Required

String to be sanitized

PolicyFile string

File path of a custom AntiSamy policy file. The policy can also be defined in the application scope; if it is not defined, the ColdFusion server default is used.

throwOnError boolean

If true, an error is thrown; otherwise an empty string is returned.


Examples
Sample code invoking the getSafeHTML function

The AntiSamy policy file can be set in the application scope


<cfcomponent>
  <cfset this.security.antisamypolicy = "antisamy.xml">
</cfcomponent>

Demonstrates usage

<cfset SafeHTML = getSafeHTML(inputHTML, "", true)>
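
Handling the throwOnError case when sanitizing untrusted input, as an added example that is not part of the original page or of ColdFusion itself. The helper name sanitizeFragment, the log file name "antisamy" and the sample input are assumptions made for illustration.

```cfml
<cfscript>
// Hypothetical helper (not a ColdFusion built-in): sanitize one untrusted
// HTML fragment and report whether getSafeHTML raised an error for it.
function sanitizeFragment(required string inputHTML, string policyFile = "") {
    var result = { ok = true, html = "", reason = "" };
    try {
        // An empty policyFile leaves the choice to the application-scope
        // setting (this.security.antisamypolicy) or the server default.
        // throwOnError = true surfaces a failure as an exception instead of
        // an empty string, so "rejected" and "empty input" stay distinguishable.
        result.html = getSafeHTML(arguments.inputHTML, arguments.policyFile, true);
    } catch (any e) {
        result.ok = false;
        result.reason = e.message;
        // Record the rejection for review; the raw input is not written
        // to the log or echoed back to the page.
        writeLog(file = "antisamy", type = "warning",
                 text = "getSafeHTML rejected input: #e.message#");
    }
    return result;
}

// Constructed sample input standing in for a submitted form field
comment = sanitizeFragment('<p>Hello <b>world</b></p>');

if (comment.ok) {
    // Only the sanitized string is ever rendered
    writeOutput(comment.html);
} else {
    writeOutput("Your comment contains markup that is not allowed.");
}
</cfscript>
```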
