SSI escape HTML output

Question

When i use SSI directive is there any way to escape variable with HTML entities?

<META HTTP-EQUIV="Refresh" CONTENT="10; URL="/index.shtml?r=<!--#echo var="HTTP_REFERER" -->">

Thx in advice!

Answer 1

See 'encoding' under 'The echo Element' in the mod_include docs at http://httpd.apache.org/docs/2.2/mod/mod_include.html :

Specifies how Apache should encode special characters contained in the variable before outputting them. If set to none, no encoding will be done. If set to url, then URL encoding (also known as %-encoding; this is appropriate for use within URLs in links, etc.) will be performed. At the start of an echo element, the default is set to entity, resulting in entity encoding (which is appropriate in the context of a block-level HTML element, e.g. a paragraph of text). This can be changed by adding an encoding attribute, which will remain in effect until the next encoding attribute is encountered or the element ends, whichever comes first.

The encoding attribute must precede the corresponding var attribute to be effective, and only special characters as defined in the ISO-8859-1 character encoding will be encoded. This encoding process may not have the desired result if a different character encoding is in use.