0

I am afraid that there is a very simple answer for this question but I’ve tried to search for a solution for some time now without any luck.

I’ve a very long string which often contains characters like semicolon (;), double and single quotes and perhaps other characters which can be harmful if not escaped probably.

When I try to run my JavaScript code, it comes up with the error “Uncaught SyntaxError: Unexpected identifier” and when I check what the Unexpected Identifier is, it is either the semicolon or a quote which is things is the end of the string.

In PHP there are built-in functions to prober render a text so it does not harm and prevent the code for breaking. Is there something equaling in JavaScript? I know I could just replace the characters but the problem is that I don’t always know which characters the string contains and therefore a more “general” function which takes care of escaping harmful characters would be very useful to have.

j08691
  • 204,283
  • 31
  • 260
  • 272
Emil Devantie Brockdorff
  • 4,724
  • 12
  • 59
  • 76
  • How are you using / referencing the string in your code that it is doing this? – Krease Jan 10 '13 at 18:26
  • 2
    can u post your javascript code? – Alex Jan 10 '13 at 18:28
  • 1
    You fear there's a simple answer? I'd be hoping for a simple answer. :) – Lukas Jan 10 '13 at 18:28
  • Your question is very unclear. Please show us your code. – SLaks Jan 10 '13 at 18:28
  • I'm awaiting the appearance of my good friend Mr. `eval`. – Paul S. Jan 10 '13 at 18:29
  • 1
    Some example would help... Have you tried `escape`, `unescape` or maybe `encodeURIComponent`? – marekful Jan 10 '13 at 18:29
  • You actually only need to escape quotes (the ones you are using as delimiters), backslashes, linebreaks and maybe dubious unicode. – Bergi Jan 10 '13 at 18:31
  • @MarcellFülöp `encodeURIComponent`, `encodeURI` and their [reverse](https://developer.mozilla.org/en-US/docs/JavaScript/Reference/Global_Objects/decodeURIComponent) should be preferred over `escape`/`unescape` because [the behaviour is defined](http://stackoverflow.com/a/3608791/1615483). – Paul S. Jan 10 '13 at 18:32
  • Another method to overcome something like this is to covert the string to its character codes or even unicode identifiers and then convert it back. – marekful Jan 10 '13 at 18:33
  • @ali-issa, @SLaks, and others, my code is right now just a simple regex search so it looks like this: `var searchItems = ["that is","you are","we can","we did","are you"]; var temp = "VERY LONG STRING WITH ALL SORTS OF CHARACTERS AND SYMBOLS"; var regex = new RegExp(searchItems[i], "g"); var count = temp.match(regex);` I did try the `escape` function but it still have trouble with some of the string symbols such as single and double quotes, semicolon, etc. – Emil Devantie Brockdorff Jan 13 '13 at 14:25

1 Answers1

1

Called you need to sanitize the string when you are rendering the page from the backend. Sounds like you need to escape the quotes so your string is not ended prematurely.

basically a string like this 

var foo = "asdkjhsadjkhsadjkhsajkdhsajkdhksajhd"sajkdhsakdjhsajkdhsajkdh";

needs to escape the " with a .

var foo = "asdkjhsadjkhsadjkhsajkdhsajkdhksajhd\"sajkdhsakdjhsajkdhsajkdh";

and no JavaScript error will occur.

You also have to be careful about new lines. Those you would have to replace with '\n'

epascarello
  • 204,599
  • 20
  • 195
  • 236