Ubuntu Manpage: cgiEscape - HTML escape certain characters in a string

Provided by: cgilib_0.6-1_amd64

bug

NAME

       cgiEscape - HTML escape certain characters in a string

SYNOPSYS

       #include <cgi.h>

       char *cgiEscape (char *string);

DESCRIPTION

       This function returns a pointer to a sanitised string.  It converts <, & and > into HTML entities so that
       the  result  can be displayed without any danger of cross-site scripting in a browser.  The result may be
       passed to free(3) after use.  This routine is meant to be called before any  user  provided  strings  are
       returned to the browser.

RETURN VALUE

       cgiEscape() returns a pointer to the sanitised string or NULL in case of error.

AUTHOR

       This CGi library is written by Martin Schulze <joey@infodrom.org>.  If you have additions or improvements
       please get in touch with him.

SEE ALSO

       free(3).

CGI Library                                       6 April 2008                                       cgiDebug(3)