30-seconds-of-code
Version:
A collection of useful JavaScript snippets.
25 lines (20 loc) • 598 B
Markdown
### escapeHTML
Escapes a string for use in HTML.
Use `String.replace()` with a regexp that matches the characters that need to be escaped, using a callback function to replace each character instance with its associated escaped character using a dictionary (object).
```js
const escapeHTML = str =>
str.replace(
/[&<>'"]/g,
tag =>
({
'&': '&',
'<': '<',
'>': '>',
"'": ''',
'"': '"'
}[tag] || tag)
);
```
```js
escapeHTML('<a href="#">Me & you</a>'); // '<a href="#">Me & you</a>'
```