- html
The string as HTML markup. That is, the string with all:
- < replaced with <
- > replaced with >
- & replaced with &
- " replaced with "
- url
The string after URL escaping. This means that all non-US-ASCII and reserved URL characters will be escaped with %XX.
- js_string
Escapes the string with the escaping rules of JavaScript language string literals, so it is safe to insert the value into a string literal. Both quotation mark (") and apostrophe-quoate (') are escaped. Starting from FreeMarker 2.3.1, it also escapes > as \> (to avoid </script>). Furthermore, all characters under UCS code point 0x20, that has no dedicated escape sequence in JavaScript language, will be replaced with hexadecimal escape (\xXX).
These 3 built-ins can be used a single filtering, or combined like below
<a href="http://hjzhao.blogspot.com/built-ins?name=${thename?url?html}"
<td onclick="openURL(newpage?param=${value?url?js_string?html});">Click Me</td>
No comments:
Post a Comment