Sanitizes HTML using antisamy policy rules.

getSafeHTML(inputString [, PolicyFile, throwOnError]) → returns any

This function requires Adobe ColdFusion 11 and up.  Not supported on Lucee, etc.

Argument Reference

inputString string

String to be sanitized

PolicyFile string

File path for custom antisamy policy file. Can be defined in the application scope or if not defined will use ColdFusion server default

throwOnError boolean

If true will throw error else empty string will be returned

Links more information about getSafeHTML

Sample code invoking the getSafeHTML function

AntiSamy parameter can be set in the application scope

  <cfset = "antisamy.xml">

demonstrates usage

<cfset  SafeHTML = getSafeHTML(inputHTML, "", true)>

Signup for cfbreak to stay updated on the latest news from the ColdFusion / CFML community. One email, every friday.

Fork me on GitHub