Home >Backend Development >PHP Tutorial >Blade Templating: Escaping vs. Raw HTML Output: When Should I Use `{!! !!}`?

Blade Templating: Escaping vs. Raw HTML Output: When Should I Use `{!! !!}`?

Susan SarandonOriginal: 2024-12-16 20:00:30219browse

Display HTML with Blade: Escaping vs Raw Content

When displaying HTML using Blade, by default, it auto escapes any special characters to prevent XSS vulnerabilities. However, if you want to display raw HTML code, you can use the escape directive {!! !!}.

Problem:

You have a string containing HTML code that you want to display in your view using Blade. However, when using {{ $text }}, the output is a raw string instead of rendered HTML.

Solution:

To display HTML with Blade, you need to use the escape directive {!! $text !!}` instead of {{ $text }}. This will prevent the string from auto escaping and display the HTML code as intended.

Please note that using {!! !!} opens up your application to XSS vulnerabilities, so always ensure that the source of the HTML code is trusted.

The above is the detailed content of Blade Templating: Escaping vs. Raw HTML Output: When Should I Use `{!! !!}`?. For more information, please follow other related articles on the PHP Chinese website!

html xss String if auto using default this display

Statement：

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Previous article：How Can I Properly Read JSON POST Data in PHP?Next article：How Can I Properly Read JSON POST Data in PHP?

See more

Blade Templating: Escaping vs. Raw HTML Output: When Should I Use `{!! !!}`?

Related articles