Encodes the input string for safe output in the attribute value of an HTML attribute, such as table width or image height. The encoding is meant to mitigate Cross Site Scripting (XSS) attacks.
encodeForHTMLAttribute(string [, canonicalize])
→ returns string
false
Shows how and where encodeForHTMLAttribute would be used.
<cfoutput><div title="#encodeForHTMLAttribute("<test>")#"></cfoutput>
Expected Result: <div title="<test>">