To HTML-encode text, use the following function in the Ext library, which is always available to you in a LabKey wiki page or view:
var myValue = ...value from input control...
var myValueEncoded = Ext.util.Format.htmlEncode(myValue);
/ / … save myValueEncoded to the database, or redisplay it as follows:
For more details on the Ext.util.Format class, see the Ext API documentation at the following link:http://www.extjs.com/deploy/dev/docs/?class=Ext.util.Format
For more information on web development and security risks, see the following site:http://www.owasp.org/index.php/Main_Page