The Wayback Machine - https://web.archive.org/web/20170626174044/https://github.com/lodash/lodash/blob/master/escape.js
Skip to content
Sign in or Sign up

/lodash

Permalink
Switch branches/tags
Nothing to show
4.17.4 4.17.4-npm 4.17.4-es 4.17.4-amd 4.17.3 4.17.3-npm 4.17.3-es 4.17.3-amd 4.17.2 4.17.2-npm 4.17.2-es 4.17.2-amd 4.17.1 4.17.1-npm 4.17.1-es 4.17.1-amd 4.17.0 4.17.0-npm 4.17.0-es 4.17.0-amd 4.16.6 4.16.6-npm 4.16.6-es 4.16.6-amd 4.16.5 4.16.5-npm 4.16.5-es 4.16.5-amd 4.16.4 4.16.4-npm 4.16.4-es 4.16.4-amd 4.16.3 4.16.3-npm 4.16.3-es 4.16.3-amd 4.16.2 4.16.2-npm 4.16.2-es 4.16.2-amd 4.16.1 4.16.1-npm 4.16.1-es 4.16.1-amd 4.16.0 4.16.0-npm 4.16.0-es 4.16.0-amd 4.15.0 4.15.0-npm 4.15.0-npm-packages 4.15.0-es 4.15.0-amd 4.14.2 4.14.2-npm 4.14.2-es 4.14.2-amd 4.14.1 4.14.1-npm 4.14.1-es 4.14.1-amd 4.14.0 4.14.0-npm 4.14.0-npm-packages 4.14.0-es 4.14.0-amd 4.13.1 4.13.1-npm 4.13.1-es 4.13.1-amd 4.13.0 4.13.0-npm 4.13.0-npm-packages 4.13.0-es 4.13.0-amd 4.12.1-npm-packages 4.12.0 4.12.0-npm 4.12.0-npm-packages 4.12.0-es 4.12.0-amd 4.11.2 4.11.2-npm 4.11.2-npm-packages 4.11.2-es 4.11.2-amd 4.11.1 4.11.1-npm 4.11.1-npm-packages 4.11.1-es 4.11.1-amd 4.11.0 4.11.0-npm 4.11.0-npm-packages 4.11.0-es 4.11.0-amd 4.10.2-npm-packages 4.10.1-npm-packages 4.10.0 4.10.0-npm
Nothing to show
Find file
lodash/escape.js
b8a3a42 Mar 15, 2017
@jdalton @bertyhell @falsyvalues
Raw Blame History
48 lines (44 sloc) 1.45 KB
/** Used to map characters to HTML entities. */
const htmlEscapes = {
'&': '&amp',
'<': '&lt',
'>': '&gt',
'"': '&quot',
"'": '&#39'
}
/** Used to match HTML entities and HTML characters. */
const reUnescapedHtml = /[&<>"']/g
const reHasUnescapedHtml = RegExp(reUnescapedHtml.source)
/**
* Converts the characters "&", "<", ">", '"', and "'" in `string` to their
* corresponding HTML entities.
*
* **Note:** No other characters are escaped. To escape additional
* characters use a third-party library like [_he_](https://mths.be/he).
*
* Though the ">" character is escaped for symmetry, characters like
* ">" and "/" don't need escaping in HTML and have no special meaning
* unless they're part of a tag or unquoted attribute value. See
* [Mathias Bynens's article](https://mathiasbynens.be/notes/ambiguous-ampersands)
* (under "semi-related fun fact") for more details.
*
* When working with HTML you should always
* [quote attribute values](http://wonko.com/post/html-escaping) to reduce
* XSS vectors.
*
* @since 0.1.0
* @category String
* @param {string} [string=''] The string to escape.
* @returns {string} Returns the escaped string.
* @see escapeRegExp, unescape
* @example
*
* escape('fred, barney, & pebbles')
* // => 'fred, barney, &amp pebbles'
*/
function escape(string) {
return (string && reHasUnescapedHtml.test(string))
? string.replace(reUnescapedHtml, (chr) => htmlEscapes[chr])
: string
}
export default escape
You can't perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Morty Proxy This is a proxified and sanitized view of the page, visit original site.