public/ConvertTo-HtmlEncoded.ps1
|
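function ConvertTo-HtmlEncoded {
    <#
    .SYNOPSIS
    HTML-encodes a string by replacing special characters with HTML entities.

    .DESCRIPTION
    Replaces the characters &, <, >, and " with &amp;, &lt;, &gt;, and &quot;
    respectively. Returns an empty string when passed null or empty input.
    Used throughout the module to safely embed arbitrary text in HTML output.

    .PARAMETER Text
    The string to HTML-encode. Null and empty values are accepted and yield ''.

    .OUTPUTS
    System.String

    .EXAMPLE
    ```powershell
    ConvertTo-HtmlEncoded -Text '<script>alert("xss")</script>'
    ```

    Returns &lt;script&gt;alert(&quot;xss&quot;)&lt;/script&gt;.

    .NOTES
    Only the four characters listed above are encoded. The single quote (') is
    left as-is, so the result is suitable for element content and for
    double-quoted attribute values, but not for single-quoted or unquoted
    attribute values, nor for script, style or URL contexts.
    #>
    [CmdletBinding(HelpUri = 'https://steviecoaster.github.io/PlatyPS.Hosting/PlatyPS.Hosting/ConvertTo-HtmlEncoded/')]
    param(
        # A Mandatory [string] parameter rejects '' and $null at binding time
        # unless these attributes are present; without them the documented
        # empty-input behaviour below can never be reached.
        [Parameter(Mandatory, Position = 0)]
        [AllowNull()]
        [AllowEmptyString()]
        [string] $Text
    )

    if (-not $Text) { return '' }

    # The ampersand must be replaced first; otherwise the '&' that starts each
    # entity produced by the later replacements would be encoded a second time.
    $Text -replace '&', '&amp;' `
          -replace '<', '&lt;' `
          -replace '>', '&gt;' `
          -replace '"', '&quot;'
}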