Function htmlescape::encode_attribute [−] [src]

pub fn encode_attribute(s: &str) -> String

HTML entity-encodes a string for use in attributes values.

Entity-encodes a string using an extensive set of entities, giving a string suitable for use in HTML attribute values. All entities from encode_minimal are used, and further, all non-alphanumeric ASCII characters are hex-encoded (&#x__;). See the OWASP XSS Prevention Cheat Sheet for more information on entity-encoding for attribute values.

Arguments

s - The string to encode.

Return value

The encoded string.

Example

let encoded = htmlescape::encode_attribute("\"No\", he said.");
assert_eq!(&encoded, "&quot;No&quot;&#x2C;&#x20;he&#x20;said&#x2E;");