HTML
Arman, 2017-10-20 13:14:21

How dangerous is an ampersand in html output?

htmlspecialchars replaces "&" with "&" (the Toaster is also buggy), but I can't figure out why it's dangerous. Editors (humans) use "& nbsp;", "& mdash;" (Toaster!!) and stuff like that, all the output is of course in htmlspecialchars, or what are alternatives from frameworks, and of course it's all replaced by " " in the text. How is it usually done here?


1 answer(s)
Lander, 2017-10-20
@Arik

Not dangerous. htmlspecialchars simply "escapes" the special characters so that when you output "&", "<" and ">" you will see exactly these characters, not converted to tags and special characters.
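
An added example, not part of the original thread: one way to keep every value escaped with htmlspecialchars while still letting editors type a few typographic entities such as `&nbsp;` and `&mdash;`. The function name `escape_with_entities`, the constant `ALLOWED_ENTITIES` and the sample strings are assumptions made for this illustration.

```php
<?php
// Added example (not from the original thread): escape all untrusted text,
// then restore only an allowlist of typographic entities typed by editors.

// Assumption: these are the only named entities editors may use.
const ALLOWED_ENTITIES = ['nbsp', 'mdash', 'ndash', 'laquo', 'raquo'];

function escape_with_entities(string $text): string
{
    // Step 1: escape everything. "&", "<", ">" and both quote styles become
    // inert text, so an editor-typed "&nbsp;" is now "&amp;nbsp;".
    $escaped = htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // Step 2: undo the escaping only for the allowlisted names. After step 1
    // every "&" in the string starts an entity produced by htmlspecialchars,
    // so "&amp;nbsp;" can only come from a literal "&nbsp;" in the input.
    // Nothing containing "<", ">" or a quote can be restored by this pattern.
    $names = implode('|', ALLOWED_ENTITIES);
    return preg_replace('/&amp;(' . $names . ');/', '&$1;', $escaped);
}

// Constructed sample inputs.
$samples = [
    'Tom & Jerry',                       // bare ampersand stays escaped
    'Price:&nbsp;100 &mdash; final',     // allowlisted entities are restored
    '<script>alert(1)</script> &nbsp;',  // markup stays escaped, nbsp restored
    '&lt;b&gt; typed literally',         // non-allowlisted entities stay as text
    '&amp;nbsp; typed literally',        // double-escaped input is not restored
];

foreach ($samples as $sample) {
    echo escape_with_entities($sample), PHP_EOL;
}
```

The allowlist is applied after escaping, so the order of the two steps matters: restoring entities first and escaping second would simply re-escape them.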
