Note: Adobe recommends that you use the EncodeForXML function, not the XmlFormat function, to escape special characters in a string for use in XML in all new applications.


Escapes special XML characters in a string so that the string can be used as text in XML.


A copy of the string parameter that is safe to use as text in XML.


String functionsXML functions

Function syntax

XmlFormat(string, escapeChars)

See also

cfxmlXmlNewXmlParseXmlValidateUsing XML and WDDX in the Developing ColdFusion Applications


ColdFusion MX: Added this function.





A string or a variable that contains one


Set to true to escape the characters restricted as per XML standards. For details, see


This function escapes characters as follows:

Text character

Escaped representation

Greater than symbol (>)


Less than symbol (<)


Single-quotation mark (')


Double-quotation mark (")


Ampersand symbol (&)


Carriage return (but not line feed)

Removed from the text.

High ASCII characters in the range 159-255.

Replaced by unicode escape sequence; for example, (capital E with an Acute symbol) is replaced by É.


The following example shows how XmlFormat escapes special XML characters. Use the View Source command in the browser to see the results. ColdFusion interprets the "" in the second text string as representing a single-quotation mark in text before it applies the XmlFormat function.

<?xml version = "1.0"?> 
<someElement someAttribute="#XmlFormat("'a quoted value'", "true")#"> 
#XmlFormat("Body of element with <, >, "" and & goes here.", "true")# 

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy