xml_escape
Available inall subroutines.
Escapes characters from a string using XML-style escape sequences.
This function does not understand UTF-8 encoded Unicode text (like for example JSON), but instead handles it byte by byte. Characters are escaped according to the rules described in Section 2.4 of the XML 1.0 W3C Recommendation.
The escaping rules are as follows:
- The ampersand character (
&
) will be represented as&
. - The left angle bracket character (
<
) will be represented as<
. - The right angle bracket character (
>
) will be represented as>
. - The single-quote character (
'
) will be represented as'
. - The double-quote character (
"
) will be represented as"
. - If none of the above matched, the byte is passed through as-is.
Other bytes are passed through verbatim.
Some examples:
Input | xml_escape() |
---|---|
abc123 | abc123 |
romeo&juliet | romeo&juliet |
0 < 1 | 0 < 1 |
isn't | isn't |
We recommend using
utf8.is_valid
to check that your data represents a valid UTF-8 string before calling
xml_escape
.
Example
# var.escaped is set to: <city>london</city>declare local var.escaped STRING;set var.escaped = "<city>" + xml_escape(client.geo.city.ascii) + "</city>";