cgiEscape(3)
HTML escape certain characters in a string
SYNOPSIS
#include <cgi.h>
char *cgiEscape (char *string);
DESCRIPTION
This function returns a pointer to a sanitised string.
It converts <, & and > into HTML entities so that the result can be
displayed without any danger of cross-site scripting in a browser.
The result may be passed to free(3) after use.
This routine is meant to be called before any user-provided strings
are returned to the browser.
RETURN VALUE
cgiEscape() returns a pointer to the sanitised string or NULL in case of error.
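EXAMPLE
The calling pattern described above (escape, check for NULL, emit, free), as an added example that is not part of the original manual page or of cgilib. escape_text() and render_comment() are hypothetical names; escape_text() is a stand-in with the documented contract so the program builds without cgilib, and with the library installed cgiEscape() is called in its place. Only <, & and > are converted, so double quotes pass through unchanged and the result is meant for element content.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in with cgiEscape()'s documented contract; not cgilib's own source. */
char *escape_text(const char *s)
{
    const char *cp;
    char *buf, *np;
    size_t len = 0;

    if (s == NULL)
        return NULL;
    for (cp = s; *cp; cp++)             /* pass 1: size of the result */
        len += (*cp == '&') ? 5 : (*cp == '<' || *cp == '>') ? 4 : 1;
    if ((buf = malloc(len + 1)) == NULL)
        return NULL;
    for (cp = s, np = buf; *cp; cp++) { /* pass 2: copy and substitute */
        const char *ent = *cp == '&' ? "&amp;" : *cp == '<' ? "&lt;" :
                          *cp == '>' ? "&gt;" : NULL;
        if (ent)
            np += sprintf(np, "%s", ent);
        else
            *np++ = *cp;
    }
    *np = '\0';
    return buf;
}

/* Caller pattern: escape, check for NULL, build the markup, free the copy. */
char *render_comment(const char *user_input)
{
    char *safe = escape_text(user_input), *out = NULL;
    size_t n = safe ? strlen(safe) + sizeof("<p></p>") : 0; /* sizeof counts NUL */
    if (safe != NULL && (out = malloc(n)) != NULL)
        snprintf(out, n, "<p>%s</p>", safe);
    free(safe);
    return out;                         /* NULL on any error */
}

int main(void)
{
    char *html = render_comment("a < b && \"c\" > d"); /* constructed input */
    if (html == NULL)
        return 1;
    puts(html);
    free(html);
    return 0;
}
```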
AUTHOR
This CGI library is written by Martin Schulze <[email protected]>.
If you have additions or improvements, please get in touch with him.