andre/30-seconds-of-code
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rename to escapeHTML, use a dictionary instead

Browse Source
This commit is contained in:
atomiks
2017-12-30 00:03:47 +11:00
committed by GitHub
parent 7d5515c475
commit d3d2307b27
1 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
snippets/escapeString.md
View File

@ -1,14 +1,19 @@
### escapeString
### escapeHTML
Escapes a string for use in HTML.
Use a chain of `String.replace()` calls combined with regular expressions to replace special characters with the proper symbols.
Use `String.replace()` with a regex that matches the characters that need to be escaped, using a callback function to replace each character instance with its associated escaped character using a dictionary (object).
```js
const escapeString = str =>
str.replace(/&/g, '&amp;').replace(/"/g, '&quot;').replace(/'/g, '&#39;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
const escapeHTML = str => str.replace(/[&<>'"]/g, tag => ({
'&': '&amp;',
'<': '&lt;',
'>': '&gt;',
'\'': '&#39;',
'"': '&quot;'
})[tag] || tag);
```
```js
escapeString('<a href="#">Me & you</a>'); // '&lt;a href=&quot;#&quot;&gt;Me &amp; you&lt;/a&gt;'
escapeHTML('<a href="#">Me & you</a>'); // '&lt;a href=&quot;#&quot;&gt;Me &amp; you&lt;/a&gt;'
```