cgiEscape - HTML escape certain characters in a string
char *cgiEscape (char *string);
This function returns a pointer to a sanitised string. It converts <,
& and > into HTML entities so that the result can be displayed without
any danger of cross-site scripting in a browser. The result may be
passed to free(3) after use. This routine is meant to be called before
any user provided strings are returned to the browser.
cgiEscape() returns a pointer to the sanitised string or NULL in case
This CGi library is written by Martin Schulze <email@example.com>. If
you have additions or improvements please get in touch with him.