Attention
TYPO3 v10 has reached end-of-life as of April 30th 2023 and is no longer being maintained. Use the version switcher on the top left of this page to select documentation for a supported version of TYPO3.
Need more time before upgrading? You can purchase Extended Long Term Support (ELTS) for TYPO3 v10 here: TYPO3 ELTS.
format.cdata¶
Outputs an argument/value without any escaping and wraps it with CDATA tags.
PAY SPECIAL ATTENTION TO SECURITY HERE (especially Cross Site Scripting), as the output is NOT SANITIZED!
= Examples =
<code title="Child nodes"> <f:format.cdata>{string}</f:format.cdata> </code> <output> <![CDATA[(Content of {string} without any conversion/escaping)]]> </output>
<code title="Value attribute"> <f:format.cdata value="{string}" /> </code> <output> <![CDATA[(Content of {string} without any conversion/escaping)]]> </output>
<code title="Inline notation"> {string -> f:format.cdata()} </code> <output> <![CDATA[(Content of {string} without any conversion/escaping)]]> </output>