The encoder property defines an HTMLEncoder object (javadoc here) which allows safe encoding of various types.
You should always use the encoder as protection against cross-site scripting and other attacks.
The available methods are:
This is used to encode HTML text.
$encoder.encodeForHTML($someProperty)
This is used to encode an HTML attribute.
<a href="$encoder.encodeForHTMLAttribute($someProperty)">Link</a>