---
title: Escape HTML
type: snippet
language: javascript
tags: [string,regexp]
cover: above-the-rocks
dateModified: 2021-10-13T19:29:39+02:00
---
Escapes a string for use in HTML.
- Use `String.prototype.replace()` with a regexp that matches the characters that need to be escaped.
- Use the callback function to replace each character instance with its associated escaped character using a dictionary object.
```js
const escapeHTML = str =>
str.replace(
/[&<>'"]/g,
tag =>
({
'&': '&',
'<': '<',
'>': '>',
"'": ''',
'"': '"'
}[tag] || tag)
);
```
```js
escapeHTML('Me & you');
// '<a href="#">Me & you</a>'
```