how to escape xml entities in javascript?

by

HTML encoding is simply replacing &, ", ', < and > chars with their entity equivalents. Order matters, if you don’t replace the & chars first, you’ll double encode some of the entities:

if (!String.prototype.encodeHTML) {
  String.prototype.encodeHTML = function () {
    return this.replace(/&/g, '&amp;')
               .replace(/</g, '&lt;')
               .replace(/>/g, '&gt;')
               .replace(/"/g, '&quot;')
               .replace(/'/g, '&apos;');
  };
}

As @Johan B.W. de Vries pointed out, this will have issues with the tag names, I would like to clarify that I made the assumption that this was being used for the value only

Conversely if you want to decode HTML entities1, make sure you decode &amp; to & after everything else so that you don’t double decode any entities:

if (!String.prototype.decodeHTML) {
  String.prototype.decodeHTML = function () {
    return this.replace(/&apos;/g, "'")
               .replace(/&quot;/g, '"')
               .replace(/&gt;/g, '>')
               .replace(/&lt;/g, '<')
               .replace(/&amp;/g, '&');
  };
}

1 just the basics, not including &copy; to © or other such things

As far as libraries are concerned. Underscore.js (or Lodash if you prefer) provides an _.escape method to perform this functionality.

More Related Contents:

  1. I want to make first option in dropdown to display as a placeholder
  2. Not looping through for loop – javascript
  3. How to have html popup appear over main html page?
  4. jquery get id of input selected text
  5. ‘innerText’ works in IE, but not in Firefox
  6. Browser detection in JavaScript? [duplicate]
  7. How to check if a user likes my Facebook Page or URL using Facebook’s API
  8. Why Does Firebase Lose Reference outside the once() Function?
  9. Can you style an html radio button to look like a checkbox?
  10. Pass data or modify extension html in a new tab/window
  11. Getting the object’s property name
  12. getting how many people are in a chat room in socket.io [duplicate]
  13. How do I use external script that I add to react JS?
  14. regex street address match
  15. Getting the value from a TinyMCE textarea
  16. Create a hidden field in JavaScript
  17. Replace function not replacing [duplicate]
  18. In AngularJS, any inline javascript code that included in HTML templates doesn’t work
  19. Why the open quote and bracket for eval(‘(‘ + jsonString+ ‘)’) when parsing json string
  20. How to set custom validation messages for HTML forms?
  21. Trigger standard HTML validation (form) without using submit button? [duplicate]
  22. Replacing Entire Page Including Head Using Javascript
  23. Why is element not being shown before alert?
  24. How to delay execution in between the following in my javascript
  25. Use RegExp to match a parenthetical number then increment it
  26. Await an iterative function without delimiter in JS
  27. Changing the page title with Jquery
  28. How to keep the header static, always on top while scrolling?
  29. How to iterate a table rows with JQuery and access some cell values?
  30. How to get the filename from a file downloaded using Javascript Fetch API?

Leave a Comment