Secure Conversions from One Text Type to Another
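| Source Format | Target Format | Drupal Function | What It Does |
|---|---|---|---|
| Plain text | HTML | check_plain() | Encodes special characters as HTML entities |
| HTML text | HTML | filter_xss() | Checks and cleans HTML using a set of tags |
| Plain text | URL | drupal_encode_path() | Encodes special characters as %0x |
| URL | HTML | check_url() | Strips out harmful protocols, such as javascript |
| Plain text | MIME | mime_header_encode() | Encodes non-ASCII, UTF-8 encoded characters |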