Function sputnik::html_escape

source · [−]

pub fn html_escape<'a, S: Into<Cow<'a, str>>>(input: S) -> Cow<'a, str>

Expand description

HTML escapes the given string.

The following characters are escaped: <, >, &, ", '. To mitigate the risks of forgetting to HTML escape something, it is recommended to additionally set a strict Content Security Policy.