getSafeHTML

Sanitizes HTML using AntiSamy policy rules.

getSafeHTML(inputString [, PolicyFile, throwOnError]) → returns any

This function requires Adobe ColdFusion 11 and up. Not supported on Lucee, OpenBD, etc.

getSafeHTML Argument Reference

inputString string
Required

String to be sanitized

PolicyFile string

File path of a custom AntiSamy policy file. The policy can also be defined in the application scope; if it is not defined, the ColdFusion server default is used.

throwOnError boolean

If true, an error is thrown; otherwise an empty string is returned.

Examples sample code invoking the getSafeHTML function


application setting demo

The AntiSamy policy file can be set in the application scope


<cfcomponent>
  <cfset this.security.antisamypolicy = "antisamy.xml">
</cfcomponent>

Usage

demonstrates usage

<cfset SafeHTML = getSafeHTML(inputHTML, "", true)>
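
One way to wrap the call above so that a thrown error fails closed instead of reaching the page. This is an added example, not part of the original reference; the helper name sanitizeUserHtml, the "security" log file name and the sample input are assumptions.

```cfml
<cfscript>
// Hypothetical helper (not from the getSafeHTML reference): sanitize
// untrusted markup before it is stored or rendered.
function sanitizeUserHtml(required string untrusted) {
    try {
        // Empty PolicyFile argument: use the policy from the application
        // scope (this.security.antisamypolicy) or the server default.
        // throwOnError = true so a failure is raised rather than hidden.
        return getSafeHTML(arguments.untrusted, "", true);
    } catch (any e) {
        // Record the failure for review by whoever monitors the logs.
        writeLog(
            file = "security",
            type = "warning",
            text = "getSafeHTML raised an error: #e.message#"
        );
        // Fail closed: return the input fully HTML-encoded, so any markup
        // in it is displayed as text and never interpreted by the browser.
        return encodeForHTML(arguments.untrusted);
    }
}

// Constructed sample input: allowed formatting plus an active element.
inputHTML = '<p>Hello <b>world</b></p><script>alert(1)</script>';

// Output only the sanitized (or encoded) result, never the raw input.
writeOutput(sanitizeUserHtml(inputHTML));
</cfscript>
```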
