$field->escape()
Escapes the field value to be safely used in HTML templates without the risk of XSS attacks
$field->escape(string $context = 'html')Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| $context | string |
'html' |
Location of output (html, attr, js, css, url or xml) |
Aliases
You can use the following aliases for this field method in your template:
$field->esc(…)
Examples
<p><?= $page->text()->escape() ?></p><img alt="<?= $image->alt()->escape('attr') ?>" src="<?= $image->url() ?>" /><section style="--columns: <?= $section->columns()->escape('css')">
...
</section><script>
let yourVariable = "<?= $page->jsVariable()->escape('js') ?>";
// ...
</script><iframe src="https://map.example.com/?lat=<?= $map->lat()->escape('url') ?>&lon=<?= $map->lon()->escape('url') ?>"></iframe>