xml_escape
Available inall subroutines.
Escapes characters from a string using XML-style escape sequences.
This function does not understand UTF-8 encoded Unicode text (like for example JSON), but instead handles it byte by byte. Characters are escaped according to the rules described in Section 2.4 of the XML 1.0 W3C Recommendation.
The escaping rules are as follows:
- The ampersand character (
&) will be represented as&. - The left angle bracket character (
<) will be represented as<. - The right angle bracket character (
>) will be represented as>. - The single-quote character (
') will be represented as'. - The double-quote character (
") will be represented as". - If none of the above matched, the byte is passed through as-is.
Other bytes are passed through verbatim.
Some examples:
| Input | xml_escape() |
|---|---|
abc123 | abc123 |
romeo&juliet | romeo&juliet |
0 < 1 | 0 < 1 |
isn't | isn't |
We recommend using
utf8.is_valid
to check that your data represents a valid UTF-8 string before calling
xml_escape.
Example
# var.escaped is set to: <city>london</city>declare local var.escaped STRING;set var.escaped = "<city>" + xml_escape(client.geo.city.ascii) + "</city>";
User contributed notes
BETADo you see an error in this page? Do have an interesting use case, example or edge case people should know about? Share your knowledge and help people who are reading this page! (Comments are moderated; for support, please contact support@fastly.com)