Tags:
188bettvip
6
apple
asd
babu88
Babu88 &2438;&2474;&2472;&2494
Bakugan and Deku coloring page
Basreng188 Indonesia Games: Th
Boost Your Online Presence wit
casino
chatgpt kostenlos
CollegeSuccessForTeenagers
column
Dear Lottery lottery sambad na
Dibu Martínez Argentina&39;s h
Digiwebglobal.com: Your Gatewa
Download Shein apk
edu post
egdfgfdgfdgdg
Eroticke Masaze Praha
erp
Face
Fethiye
game
Game Online Slot Gacor
garage door
garage door repair
garage door service
GaragedoorrepairMinneapolis
gioi thieu xaydunglocthinh
Good Team Name
GoPromotional Items
HMblogs
How Can I Leverage Social Medi
hvacdiploma
hy86net
Interactive PPT presentation
ios368
Jenny
Khám Phá Website bj38: Tr&7843
kindergarden
konohatoto78
lottrey
Marrakech-desert-tours
massage lingam
MNLWIN
Mobile Repair
Most Popular Stuffed Toys
moving
Multimedia Presentation Exampl
news
Nh&7919;ng Chi&7871;n L&432;&7
Nivela
Northern Lottery: An Attractiv
Nên &273;ánh con gì khi m&417;
ok9host
olxtoto
Portside Web Design and SEO Ne
Powering the Future: The Impor
Prep Guides
pujcovnadodavekpraha
rabonabet
Referring page
resume
Revolutionize Your Design Work
Ritalin Dosage Guide: Finding
sadad
Signal
slot thailand
Social media app development
Social media app development-C
Sports Streaming
sssss
Strategies for Success in Ku88
The Future of Life Coaching Pr
Training
Training-Programs
Travel
Types of presentation software
University Admission Portal
VietScore
What Are The Benefits Of A PGD
Why Balloons Make Every Occasi
Wordle
wordle123
Xí Ng&7847;u - H&432;&7899;ng
Zero Down Payment iPhone Offer
tag this topic
create new tag
view all tags
#VarENCODE ---+++ ENCODE{string} -- encode a string to URL entities, HTML entities, CSV format, and more * Encode "special" characters in a string to HTML numeric entities, URL entities. Also escapes special characters for CSV use and more. * Encoded characters: * all non-printable ASCII characters below space, except newline (="\n"=) and linefeed (="\r"=) * HTML special characters ="<"=, =">"=, ="&"=, single quote (='=) and double quote (="=) * TWiki special characters ="%"=, ="["=, ="]"=, ="@"=, ="_"=, ="*"=, ="="= and ="|"= * Syntax: =%<nop>ENCODE{"string"}%= * Supported parameters: | *Parameter:* | *Description:* | *Default:* | | ="string"= | String to encode | required (can be empty) | | =type="url"= | Encode special characters for URL parameter use, like a double quote into =%22= | (this is the default) | | =type="quotes"= | Escape double quotes with backslashes (=\"=), does not change other characters. This type does not protect against cross-site scripting. | =type="url"= | | =type="moderate"= | Encode special characters into HTML entities for moderate cross-site scripting protection: ="<"=, =">"=, single quote (='=) and double quote (="=) are encoded. Useful to allow TWiki variables in comment boxes. | =type="url"= | | =type="safe"= | Encode special characters into HTML entities for cross-site scripting protection: ="<"=, =">"=, ="%"=, single quote (='=) and double quote (="=) are encoded. | =type="url"= | | =type="entity"= | Encode special characters into HTML entities, like a double quote into =&#034;=. Does *not* encode newline (=\n=) or linefeed (=\r=). | =type="url"= | | =type="entity"= %BR% =extra=" $n$r"= | For =type="entity"= only, use the =extra= parameter to encode additional characters to HTML numeric entities. [[FormatTokens][Formatting tokens]] can be used, such as ="$n"= for newline. Note that =type="entity" extra=" $n$r"= is equivalent to =type="html"=. | =type="url"= %BR% =extra=""= | | =type="html"= | Encode special characters into HTML entities. In addition to =type="entity"=, it also encodes space, =\n= and =\r=. Useful to encode text properly in HTML input fields. See equivalent [[%IF{"'%INCLUDINGTOPIC%'='TWikiVariables'" then="#"}%VarENTITY][ENTITY]]. | =type="url"= | | =type="json"= | Escape double quotes and backslashes with backslashes (=\"= and =\\=, respectively), escape non-printable characters with hex code =\u0000= ... =\u001F=, does not change other characters. Use this to properly escape text for a [[Wikipedia:JSON][JSON]] string. Example result: =This is a string with \"quoted\" and \\backslashed\\ text=. | =type="url"= | | =type="csv"= | Escape single quotes and double quotes by repeating them, other characters do not change. Use this to properly escape fields in [[Wikipedia:Comma-separated_values][CSV]] reports that output comma-separated values, such as ="field 1","field 2 with ''single'' and ""double"" quotes"=. | =type="url"= | | =type="search"= | Special encoding used for [[%IF{"'%SEARCH%'='TWikiVariables'" then="#"}%VarSEARCH][SEARCH]]: Substitute % characters into non-printable characters, so that TWikiVariables are no longer expanded. Also escapes quotes. Used to feed a search string from a [[%IF{"'%URLPARAM%'='TWikiVariables'" then="#"}%VarURLPARAM][URLPARAM]] into SEARCH without expanding any variables, such as when searching for =%<nop>BR%=. | =type="url"= | | =newline="..."= | Replace a newline with the specified value before encoding. %BR% Please note that =newline="<br/>"= does not bring =<br/>= to the output because =<= and =>= are encoded (except with the =quotes= and =csv= types). To have =<br/>= in the output, you need to specify =newline="$br"=. However, =newline="$br"= does not work in combination with =type="url"= (the defautl type). This shouldn't be a problem because it's very rare to need to have =<br/>= encoded in a URL. %BR% In addition to =$br=, =$n= has a special meaning in a =newline= parameter value - =$n= results in a newline in the output. %BR% This parameter is expected to be used in combination with the =moderate=, =safe=, =entity=, or =html= type. With the other types, it causes unuseful results. | | * Examples: * =%<nop>ENCODE{"spaced name"}%= expands to =%ENCODE{"spaced name"}%= * =%<nop>ENCODE{"spaced name" type="entity" extra=" "}%= expands to =spaced&#32;name= * __Notes:__ * Values of HTML input fields should be encoded as ="html"=. A shorter =%<nop>ENTITY{any text}%= can be used instead of the more verbose =%<nop>ENCODE{ "any text" type="html" }%=. %BR% Example: =<input type="text" name="address" value="%<nop>ENTITY{any text}%" />= * Double quotes in strings must be escaped when passed into other TWiki variables.%BR% Example: =%<nop>SET{ "lunch" value="%<nop>ENCODE{ "string with "quotes"" type="quotes" }%" remember="1" }%= * Use =type="moderate"=, =type="safe"=, =type="entity"= or =type="html"= to protect user input from URL parameters and external sources against [[http://en.wikipedia.org/wiki/Cross-site_scripting][cross-site scripting]] (XSS). =type="html"= is the safest mode, but some TWiki applications might not work. =type="safe"= provides a safe middle ground, =type="moderate"= provides only moderate cross-site scripting protection. * Category: ApplicationsAndComponentsVariables, DevelopmentVariables, ExportAndPublishingVariables * Related: [[%IF{"'%INCLUDINGTOPIC%'='TWikiVariables'" then="#"}%VarENTITY][ENTITY]], [[%IF{"'%INCLUDINGTOPIC%'='TWikiVariables'" then="#"}%VarFORMFIELD][FORMFIELD]], [[%IF{"'%INCLUDINGTOPIC%'='TWikiVariables'" then="#"}%VarQUERYPARAMS][QUERYPARAMS]], [[%IF{"'%INCLUDINGTOPIC%'='TWikiVariables'" then="#"}%VarURLPARAM][URLPARAM]]
E
dit
|
A
ttach
|
P
rint version
|
H
istory
: r10
<
r9
<
r8
<
r7
<
r6
|
B
acklinks
|
V
iew topic
|
Ra
w
edit
|
M
ore topic actions
Topic revision: r10 - 2018-07-14
-
TWikiContributor
Home
Site map
TWiki web
TWiki Web
User registration
Users
Groups
Index
Search
Changes
Notifications
RSS Feed
Statistics
Preferences
P
View
Raw View
Print version
Find backlinks
History
More topic actions
Edit
Raw edit
Attach file or image
Edit topic preference settings
Set new parent
More topic actions
User Reference
ATasteOfTWiki
TextFormattingRules
TWikiVariables
FormattedSearch
QuerySearch
TWikiDocGraphics
TWikiSkinBrowser
InstalledPlugins
Admin Maintenance
Reference Manual
InterWikis
ManagingUsers
ManagingWebs
TWikiSiteTools
TWikiPreferences
WebPreferences
Categories
Admin Documentation
Admin Tools
Developer Doc
User Documentation
User Tools
Account
Log In
E
dit
A
ttach
Copyright &© 1999-2025 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki?
Send feedback
Note:
Please contribute updates to this topic on TWiki.org at
TWiki:TWiki.VarENCODE
.