HTML: <textarea>-Tag: How to correctly escape HTML and JavaScript content displayed in there?

Question

I have a HTML Tag $FOO and the $FOO Variable will be filled with arbitrary HTML and JavaScript Content, to be disp

Answer 1

You need to replace the special character of HTML with character references (either numerical character references or entity references), in textarea, at least &, < and >.