Ok, so htmlEditFormat() was deprecated in ACF, see
“…Note: Adobe recommends that you use the EncodeForHTMLhttps://helpx.adobe.com/content/help/en/coldfusion/cfml-reference/coldfusion-functions/functions-e-g/encodeforhtml.html function, not the HTMLEditFormat function, to escape special characters in a string for use in HTML in all new applications. …”
encodeForHTML() was deprecated in Lucee, see
“…this function is deprecated, use function ESAPIEncode(‘html’,…) instead. …”
ESAPIEncode() is not supported in ACF, see
What exactly is the difference between ESAPIEncode and encodeForHTML()? (Something like this with a new column ESAPIEncode() would be great: http://damonmiller.github.io/esapi4cf/tutorials/Encoding.html)
I found a bundled esapi.jar in the Lucee lib folder, ESAPI 2.0.1 from 2011-07-25. Is this library used in Lucee by ESAPIEncode?
Cool, I am fascinated – so which function (supported in ACF AND Lucee) should we use now?