Function rocket_auth_login::sanitization::sanitize

pub fn sanitize(string: &str) -> String

Sanitize usernames to prevent XSS and other vulnerabilities. Use sanitize() when escaping text that may be included in an HTML attribute (like value="").

Usernames get embedded in a form input value attribute like: where the is whatever is in the page's query string or Cookie/FlashMessage

The normal htmlescape::encode_minimal() encodes basic HTML entities, while htmlescape::encode_attribute() encodes those from encode_minimal plus more, and also hex-encodes any non-alphanumeric ASCII characters (&#x00).
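
The difference between the two policies, as an added example that is not code from this crate or from htmlescape. The function names, the set of five named entities and the two-digit `&#xHH;` form are assumptions made for illustration. It shows why the stricter policy matters when a username lands in an attribute value.

```rust
// Added example: stand-ins for the two escaping policies described above.
// These are NOT the htmlescape crate's functions; all names are hypothetical.

/// The five HTML-significant characters both policies replace (assumed set).
fn named_entity(c: char) -> Option<&'static str> {
    match c {
        '&' => Some("&amp;"),
        '<' => Some("&lt;"),
        '>' => Some("&gt;"),
        '"' => Some("&quot;"),
        '\'' => Some("&#x27;"),
        _ => None,
    }
}

/// "Minimal" policy: replace only the characters in `named_entity`.
fn escape_minimal(input: &str) -> String {
    input.chars().map(|c| match named_entity(c) {
        Some(e) => e.to_string(),
        None => c.to_string(),
    }).collect()
}

/// "Attribute" policy: the same, plus hex-encode all other non-alphanumeric ASCII.
fn escape_attribute(input: &str) -> String {
    input.chars().map(|c| match named_entity(c) {
        Some(e) => e.to_string(),
        None if c.is_ascii() && !c.is_ascii_alphanumeric() => format!("&#x{:02X};", c as u32),
        None => c.to_string(),
    }).collect()
}

/// True when the escaped text cannot end an attribute value or start a new
/// attribute, even if the surrounding template forgot the quotes.
fn stays_inside_attribute(escaped: &str) -> bool {
    !escaped.chars().any(|c| c.is_ascii_whitespace() || "=`\"'<>".contains(c))
}

fn main() {
    // Constructed sample username, as it could arrive in a query string.
    let username = "al\" tabindex=1";
    for escaped in vec![escape_minimal(username), escape_attribute(username)] {
        println!("<input name=\"username\" value=\"{}\"> stays inside: {}",
                 escaped, stays_inside_attribute(&escaped));
    }
}
```

With the minimal policy the space and `=` survive, so a template that omits the quotes around value would parse `tabindex=1` as a second attribute; the attribute policy leaves no such delimiter in the output.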