---
title: escapeHTML
tags: string,browser,regexp,intermediate
firstSeen: 2017-12-29T15:09:21+02:00
lastUpdated: 2020-10-19T18:51:03+03:00
---
Escapes a string for use in HTML.
- Use `String.prototype.replace()` with a regexp that matches the characters that need to be escaped.
- Use the callback function to replace each character instance with its associated escaped character using a dictionary (object).
```js
const escapeHTML = str =>
str.replace(
/[&<>'"]/g,
tag =>
({
'&': '&',
'<': '<',
'>': '>',
"'": ''',
'"': '"'
}[tag] || tag)
);
```
```js
escapeHTML('Me & you');
// '<a href="#">Me & you</a>'
```