The string-htmlattributeencode() function

Smartsite 7.2 - ...

The string-htmlattributeencode() extension function minimally converts the specified string to an HTML-encoded string.

XML	Copy Code
string exf:string-htmlattributeencode(arg1)

The HtmlAttributeEncode method encodes characters appropriate for insertion into an HTML attribute value.
The string result from the HtmlAttributeEncode method should be used only for double-quoted attributes.

Security issues might arise when using the HtmlAttributeEncode method with single-quoted attributes.

Parameters:

arg1: a node reference or string literal.
Notice: when a node reference is used, the inner text of the node will be taken as string to html encode.

Example

XML	Copy Code
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:xf="http://www.w3.org/2002/xforms" xmlns:exf="http://smartsite.nl/namespaces/xforms/1.0" > <head> <title>Example</title> <xf:model> <xf:instance> <data xmlns=""> <html><![CDATA[ <p class="paragraph">Html encode/decode test</p> ]]></html> </data> </xf:instance> </xf:model> </head> <body> <xf:group ref="/data" appearance="full"> <xf:label/> <xf:output value="exf:string-htmlattributeencode(html)" /> </xf:group> </body> </html>

XML

Copy Code

<html xmlns="http://www.w3.org/1999/xhtml" 
  xmlns:xf="http://www.w3.org/2002/xforms" 
  xmlns:exf="http://smartsite.nl/namespaces/xforms/1.0" >
 <head>
  <title>Example</title>
  <xf:model>
   <xf:instance>
    <data xmlns="">     
     <html><![CDATA[
      <p class="paragraph">Html encode/decode test</p>
     ]]></html>
    </data>
   </xf:instance>
  </xf:model>
 </head>
 <body>
  <xf:group ref="/data" appearance="full">
   <xf:label/>
   <xf:output value="exf:string-htmlattributeencode(html)" />
  </xf:group>
 </body>
</html>

The result will be:

<p class="paragraph">Html encode/decode test</p>

Namespace

This function is available within the Smartsite XForms namespace (http://smartsite.nl/namespaces/xforms/1.0).

Seneca XForms Engine