HTMLEditFormat

Last update:

May 18, 2026

Warning:

The function is removed in ColdFusion (2025 release).

Note: Adobe recommends that you use the EncodeForHTML function, not the HTMLEditFormat function, to escape special characters in a string for use in HTML in all new applications.

Description

Replaces special characters in a string with their HTML-escaped equivalents.

Returns

HTML-escaped string string. Return characters are removed; line feed characters are preserved. Characters with special meanings in HTML are converted to HTML character entities such as >.

Function syntax

HTMLEditFormat(string [, version ])

See also

HTMLCodeFormat, cfapplication

Parameters

Parameter	Description
string	A string or a variable that contains one.
version	HTML version to use; currently ignored. -1: The latest implementation of HTML 2.0: HTML 2.0 (default) 3.2: HTML 3.2

Usage

This function converts the following characters to HTML character entities:

Text character	Encoding
<	<
>	>
&	&
"	"

This function can be used to help protect ColdFusion pages that return user-provided data to the client browser from cross-site scripting attacks. However, the scriptprotect attribute of the cfapplication tag or the equivalent This.scriptProtect variable setting in Application.cfc can be preferable in most instances, because you only need to specify it once for an application.This function typically increases the length of a string. This can cause unpredictable results when performing certain string functions (Left, Right, and Mid, for example) against the expanded string.The only difference between this function and HTMLCodeFormat is that HTMLCodeFormat surrounds the text in an HTML pre tag.

Example

<!--- This example shows the effects of HTMLCodeFormat and 

HTMLEditFormat. View it in your browser, then View it 

using your browser's the View Source command. ---> 

<cfset testString="This is a test 

& this is another 

<This text is in angle brackets> 

Previous line was blank!!!"> 

<cfoutput> 

<h3>The text without processing</h3> 

#testString#<br> 

<h3>Using HTMLCodeFormat</h3> 

#HTMLCodeFormat(testString)# 

<h3>Using HTMLEditFormat</h3> 

#HTMLEditFormat(testString)# 

</cfoutput>

Was this page helpful?

We're glad. Tell us how this page helped.

Found the answer to my problem Understood the instructions Liked the feature

Other suggestions

We're sorry. Can you tell us what didn't work for you?

Didn't find the answer to my problem Couldn't understand the instructions Didn't like the feature

Other suggestions

Thank you for your feedback. Your response will help improve this page.

Was this helpful?

We are sorry the content didn't meet your needs.

Share additional feedback to help us improve.

0/255 | Character limit exceeded.

Thank you so much for sharing your feedback!