Skip to content
Search
    Search by Algolia

    $field->escape()

    Escapes the field value to be safely used in HTML templates without the risk of XSS attacks

    $field->escape(string $context = 'html')

    Parameters

    Name Type Default Description
    $context string 'html' Location of output (html, attr, js, css, url or xml)

    Aliases

    You can use the following aliases for this field method in your template:

    • $field->esc(…)

    Examples

    <p><?= $page->text()->escape() ?></p>
    <img alt="<?= $image->alt()->escape('attr') ?>" src="<?= $image->url() ?>" />
    <section style="--columns: <?= $section->columns()->escape('css')">
...
</section>
    <script>
let yourVariable = "<?= $page->jsVariable()->escape('js') ?>";

// ...
</script>
    <iframe src="https://map.example.com/?lat=<?= $map->lat()->escape('url') ?>&lon=<?= $map->lon()->escape('url') ?>"></iframe>