The Zend\Escaper
component provides one class, Zend\Escaper\Escaper
which in turn, provides five methods for escaping output. Which method to use when, depends on the context in which the outputted data is used. It is up to the developer to use the right methods in the right context.
Zend\Escaper\Escaper
has the following escaping methods available for each context :
escapeHtml
: escape a string for the HTML Body context.
escapeHtmlAttr
: escape a string for the HTML Attribute context.
escapeJs
: escape a string for the Javascript context.
escapeCss
: escape a string for the CSS context.
escapeUrl
: escape a string for the URI or Parameter contexts.