Languages
[Edit]
EN

JavaScript - how to escape html special characters?

5 points
Created by:
JustMike
26120

Using JavaScrpt it is possible to escapse HTML secial characters in following ways.

1. Custom function example - based on replace method

// ONLINE-RUNNER:browser;

<!doctype html>
<html>
<body>
  <script>

    var HTMLUtils = new function() {
        var rules = [
            { expression: /&/g, replacement: '&amp;'  }, // keep this rule at first position
            { expression: /</g, replacement: '&lt;'   },
            { expression: />/g, replacement: '&gt;'   },
            { expression: /"/g, replacement: '&quot;' },
            { expression: /'/g, replacement: '&#039;' }
        ];

        this.escape = function(html) {
            var result = html;

            for (var i = 0; i < rules.length; ++i) {
                var rule = rules[i];

                result = result.replace(rule.expression, rule.replacement);
            }

            return result;
        }
    };

    // Example

    var escapedHtml = HTMLUtils.escape('<div class="item">Hi! How are you?</div>');
    
    document.body.innerHTML += '<div style="border: 1px solid silver;">' +
            escapedHtml +
        '</div>';
    
    console.log(escapedHtml);
    
  </script>
</body>
</html>

2. innerText property example

// ONLINE-RUNNER:browser;

<!doctype html>
<html>
<body>
  <div id="container" style="border: 1px solid silver;"></div>
  <script>

    var container = document.querySelector('#container');
    
    container.innerText += '<div class="item">Hi! How are you?</div>';
    
  </script>
</body>
</html>

2. textContent property example

// ONLINE-RUNNER:browser;

<!doctype html>
<html>
<body>
  <div id="container" style="border: 1px solid silver;"></div>
  <script>

    var container = document.querySelector('#container');
    
    container.textContent += '<div class="item">Hi! How are you?</div>';
    
  </script>
</body>
</html>

3. Container element based approach examples

3.1. Text node and innerHTML property based example

// ONLINE-RUNNER:browser;

<!doctype html>
<html>
<body>
  <script>

    var HTMLUtils = new function() {
        this.escape = function(html) {
            var container = document.createElement('div');
          
          	var text = document.createTextNode(html);
            container.appendChild(text);
          
            return container.innerHTML;
        }
    };

    // Example

    document.body.innerHTML += '<div style="border: 1px solid silver;">' +
            HTMLUtils.escape('<div class="item">Hi! How are you?</div>') +
        '</div>';
    
  </script>
</body>
</html>

3.2. innerText and innerHTML properies based example

// ONLINE-RUNNER:browser;

<!doctype html>
<html>
<body>
  <script>

    var HTMLUtils = new function() {
        this.escape = function(html) {
            var container = document.createElement('div');
          	container.innerText = html;
          
            return container.innerHTML;
        }
    };

    // Example

    document.body.innerHTML += '<div style="border: 1px solid silver;">' +
            HTMLUtils.escape('<div class="item">Hi! How are you?</div>') +
        '</div>';
    
  </script>
</body>
</html>

 

Native Advertising
50 000 ad impressions - 449$
🚀
Get your tech brand or product in front of software developers.
For more information contact us:
Red dot
Dirask - friendly IT community for everyone.

❤️💻 🙂

Join