Function rocket_auth_login::sanitization::sanitize
pub fn sanitize(string: &str) -> String
Sanitize usernames to prevent XSS and other vulnerabilities.
Use sanitize() when escaping text that may be included in an HTML attribute (like value="
Usernames get embedded in a form input value attribute like:
where the
The normal htmlescape::encode_minimal() encodes only the basic HTML entities, while htmlescape::encode_attribute() encodes those from encode_minimal plus more, and also hex-encodes any non-alphanumeric ASCII characters (&#xHH;).
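
The difference between the two encoding levels, shown on a constructed username, as an added example that is not code from this crate or from htmlescape. The names minimal_demo, attribute_demo and can_terminate_value are hypothetical stand-ins written from the description above, and the sample username is an assumption.

```rust
// Added example: stand-in encoders written from the description above.
// They are not the htmlescape crate's code or rocket_auth_login's sanitize().

/// Minimal encoding: only the five basic HTML entities.
fn minimal_demo(s: &str) -> String {
    s.chars().map(|c| match c {
        '&' => "&amp;".to_string(),
        '<' => "&lt;".to_string(),
        '>' => "&gt;".to_string(),
        '"' => "&quot;".to_string(),
        '\'' => "&#x27;".to_string(),
        _ => c.to_string(),
    }).collect()
}

/// Attribute encoding: the entities above, plus every other
/// non-alphanumeric ASCII character as a hex reference (&#xHH;).
fn attribute_demo(s: &str) -> String {
    s.chars().map(|c| {
        if c.is_ascii() && !c.is_ascii_alphanumeric() && !"&<>\"'".contains(c) {
            format!("&#x{:02X};", c as u32)
        } else {
            minimal_demo(&c.to_string())
        }
    }).collect()
}

/// True if `encoded` still holds a character that cannot sit safely in an
/// attribute value: a double quote ends a quoted value; whitespace or `>`
/// ends an unquoted one, and quotes, `=`, `<` and backtick are not allowed there.
fn can_terminate_value(encoded: &str, quoted: bool) -> bool {
    if quoted {
        encoded.contains('"')
    } else {
        encoded.chars().any(|c| c.is_whitespace() || "\"'=<>`".contains(c))
    }
}

fn main() {
    // Constructed sample username (assumption): quote, space and '=' are the
    // characters that matter inside value="...".
    let username = "bob\" data-x=1";
    for (name, enc) in [("raw", username.to_string()),
                        ("minimal", minimal_demo(username)),
                        ("attribute", attribute_demo(username))] {
        println!("{:9} {}  quoted:{} unquoted:{}", name, enc,
                 can_terminate_value(&enc, true), can_terminate_value(&enc, false));
    }
}
```

Minimal encoding is enough only while the template keeps the value inside double quotes; the attribute-level output stays inert even if the quotes are dropped.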