cgiEscape

Langue: en

Version: 6 April 2008 (debian - 07/07/09)

Section: 3 (Bibliothèques de fonctions)

Sommaire

NAME

cgiEscape - HTML escape certain characters in a string

SYNOPSYS

 #include <cgi.h>
 
 char *cgiEscape (char *string);

DESCRIPTION

This function returns a pointer to a sanitised string. It converts <, & and > into HTML entities so that the result can be displayed without any danger of cross-site scripting in a browser. The result may be passed to free(3) after use. This routine is meant to be called before any user provided strings are returned to the browser.

RETURN VALUE

cgiEscape() returns a pointer to the sanitised string or NULL in case of error.

AUTHOR

This CGi library is written by Martin Schulze <joey@infodrom.org>. If you have additions or improvements please get in touch with him.

SEE ALSO

free(3).