Stack Overflow
Stack Overflow

Questions tagged [html-escape-characters]

HTML escape characters are special codes, used to display Unicode characters including those which can't be typed on a standard keyboard and those having a special meaning to HTML.

HTML escape characters are special codes, used to display Unicode characters including those which can't be typed on a standard keyboard and those having a special meaning to HTML.

To type a Unicode character, type an ampersand (&) and a hash-symbol (#) followed by the Unicode codepoint and a semi-colon (;)

For example:

& =>&

&#60; =><

&#169; =>©

&#8453; =>

&#8364; =>

378 questions
771
votes
26 answers

HTML-encoding lost when attribute read from input field

I’m using JavaScript to pull a value out from a hidden field and display it in a textbox. The value in the hidden field is encoded. For example, gets pulled into
AJM
  • 32,054
  • 48
  • 155
  • 243
628
votes
10 answers

What do < and > stand for?

I know that the entities < and > are used for < and >, but I am curious what these names stand for. Does < stand for something like "Left tag" or is it just a code?
Michiel Pater
  • 22,377
  • 5
  • 43
  • 57
369
votes
5 answers

Which characters need to be escaped in HTML?

Are they the same as XML, perhaps plus the space one ( )? I've found some huge lists of HTML escape characters but I don't think they must be escaped. I want to know what needs to be escaped.
Ahmet
  • 4,310
  • 4
  • 19
  • 21
93
votes
12 answers

Bash script to convert from HTML entities to characters

I'm looking for a way to turn this: hello < world to this: hello < world I could use sed, but how can this be accomplished without using cryptic regex?
Marko
  • 943
  • 1
  • 7
  • 5
63
votes
8 answers

How do I prevent people from doing XSS in Spring MVC?

What should I do to prevent XSS in Spring MVC? Right now I am just putting all places where I output user text into JSTL tags or fn:escapeXml() functions, but this seems error prone as I might miss a place. Is there an easy systematic way to…
Doug
  • 813
  • 1
  • 7
  • 7
46
votes
2 answers

Is it necessary to use — and – in XHTML or HTML5?

It seems that it is best to use the & escape, instead of simply typing the ampersand (&). However, should we be using X/HTML character entity references for dashes and other common typographical characters when writing blog posts on CMSs like…
Baumr
  • 6,124
  • 14
  • 37
  • 63
41
votes
2 answers

How to have AngularJS output escaped HTML

I am getting JSON data from the server, one of the field contains escaped html (an email body actually): <html>\r\n<head>\r\n<meta http-equiv="Content-Type" content="text/html;…
Max Favilli
  • 6,161
  • 3
  • 42
  • 62
41
votes
3 answers

What is the best way to escape HTML-specific characters in a string (PowerShell)?

I'm generating some simple HTML with PowerShell script, and I would like to escape strings used in result HTML (since they can contain some HTML-specific symbols). For example: $a = "something "; should be converted to the…
Kel
  • 7,680
  • 3
  • 29
  • 39
34
votes
8 answers

How do I replicate a \t tab space in HTML?

How can I use the common \t escape character in html ? Is it possible? I need a code that has the same function as the /t escape character
user2443085
  • 343
  • 1
  • 3
  • 4
26
votes
3 answers

What characters must be escaped in HTML 5?

HTML 4 states pretty which characters should be escaped: Four character entity references deserve special mention since they are frequently used to escape special characters: "<" represents the < sign. ">" represents the > sign. "&"…
ezequiel-garzon
  • 3,047
  • 6
  • 29
  • 33
22
votes
3 answers

Jest Equality Matcher For Strings That Disregards Whitespace

Jest's toEqual matcher takes whitespace into account when checking for equality. When formatting the expected value in tests it is impossible to do so in a way that matches a string containing newlines, tabs etc. Does Jest offer a way to disregard…
Undistraction
  • 42,754
  • 56
  • 195
  • 331
20
votes
2 answers

How to escape <, >, and & characters to html entities in Oracle PL/SQL

I need to send HTML emails directly from oracle PL/SQL package. This works almost fine. I have problem with the fact that some of the data fetched from a table contain things like , , and similar fragments, which sometimes ar treated as HTML…
SWilk
  • 3,261
  • 8
  • 30
  • 51
15
votes
3 answers

Escaping javascript string in java

I need to make this into a string in java: Can someone help? I keep trying and it ends up like this... return "
A_Elric
  • 3,508
  • 13
  • 52
  • 85
14
votes
2 answers

node.js and Handlebars: HTML compiled is escaped

Im using handlebars in a node aplication, and I have trouble. This is the template index.html {{CONTENT}} This is the code var fs = require("fs"); var handlebars = require("handlebars"); var data = { CONTENT: "Hello world!" }; var…
Enrique Moreno Tent
  • 24,127
  • 34
  • 104
  • 189
13
votes
2 answers

system.web functionality in Mono missing?

I need HttpUtility for encoding strings, but it seems it was supported, but no longer. Actually, the whole System.Web is gone. Is there an alternative? I need to Javascript Escape some strings.
angel of code
  • 686
  • 8
  • 25
1
2 3
25 26