# Escaping HTML Probably the most common escaping happens for **HTML body** contexts. There are very few characters with special meaning in this context, yet it is quite common to escape data incorrectly, namely by setting the wrong flags and character encoding. For escaping data to use within an HTML body context, use `Zend\Escaper\Escaper`'s `escapeHtml()` method. Internally it uses PHP's `htmlspecialchars()`, correctly setting the flags and encoding for you. ```php // Outputting this without escaping would be a bad idea! $input = ''; $escaper = new Zend\Escaper\Escaper('utf-8'); // somewhere in an HTML template