veloze
Version:
A modern and fast express-like webserver for the web
33 lines (30 loc) • 895 B
JavaScript
const charMap = {
'&': '&',
'<': '<',
'>': '>',
"'": ''',
'"': '"'
}
/**
* escape HTML and prevent double escaping of '&'
* @param {string} string - which requires escaping
* @returns {string} escaped string
* @example
* escapeHTML('<h1>"One" & 'Two' & Works</h1>')
* // <h1>"One" & 'Two' & Works</h1>
*/
export const escapeHtml = (string) =>
String(string ?? '')
.replace(/&/g, '&')
.replace(/[&<>'"]/g, (tag) => charMap[tag])
/**
* Escape all vars in a template literal
* @param {*} literals
* @param {...any} vars
* @returns {string}
* @example
* escapeHtmlLit`<h1>${"One" & 'Two' & Works}</h1>`
* // <h1>"One" & 'Two' & Works</h1>;
*/
export const escapeHtmlLit = (literals, ...vars) =>
literals.map((literal, i) => literal + escapeHtml(vars[i])).join('')