View Helpers
stripTags()
Signature
Section titled “Signature”stripTags() — returns string
Available in: controller
Category: Sanitization Functions
Description
Section titled “Description”Removes all HTML tags from a string, leaving only the raw text content. Use this when you need to sanitize HTML by completely removing formatting and markup.
Parameters
Section titled “Parameters”| Name | Type | Required | Default | Description |
|---|---|---|---|---|
html | string | yes | — | The HTML to remove tag markup from. |
encode | boolean | no | true | Encode URL parameters using EncodeForURL(). Please note that this does not make the string safe for placement in HTML attributes, for that you need to wrap the result in EncodeForHtmlAttribute() or use linkTo(), startFormTag() etc instead. |
Examples
Section titled “Examples”1. Remove all tags from a string
#stripTags('<strong>Wheels</strong> is a framework for <a href="http://www.adobe.com/products/coldfusion">ColdFusion</a>.')#
Output:
Wheels is a framework for ColdFusion.
2. Sanitize user input
userInput = '<script>alert("xss")</script>Normal text';
#stripTags(userInput)#
Output:
Normal text
3. With encoding
#stripTags('<a href="http://example.com/page?param=value&another=1">Example</a>')#
Output:
Example