<?php $escaper = new Phalcon\Escaper(); $escaped = $escaper->escapeCss("font-family: <Verdana>"); echo $escaped; // font\2D family\3A \20 \3C Verdana\3E
//Create an escaper $e = new Phalcon\Escaper(); ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> <title><?php echo $e->escapeHtml($maliciousTitle); ?> </title> <style type="text/css"> . <?php echo $e->escapeCss($className); ?> { font-family: "<?php echo $e->escapeCss($fontName); ?> "; color: red; } </style> </head> <body> <div class='<?php