How to neutralize ' in javascript

Question

var wText = "What's on your mind ?";
var dCreate = "<div class='createpost-sec'><textarea class='clicktxt' rows='1' cols='1' placeholder='"+wText+"'/>"+dClear+"</div></div></div>";

When I am appending to html after ' text is missing, Please help me how can I neutralize ' character

@FelixKling: Thanks for pointing out, the solution worked for me as well.. i am sorry when I searched in google didn't get that link.....my bad — Jayaram, Sep 07 '13 at 10:43
No problem! Sometimes you just don't know what to search for :) — Felix Kling, Sep 07 '13 at 10:43

score 1 · Accepted Answer · edited May 23 '17 at 11:56

You need to encode the string for html. For instance, single quote should be '.:

jQuery solution:

function htmlEncode(value){
  //create a in-memory div, set it's inner text(which jQuery automatically encodes)
  //then grab the encoded contents back out.  The div never exists on the page.
  return $('<div/>').text(value).html();
}

function htmlDecode(value){
  return $('<div/>').html(value).text();
}

Manual solution:

function htmlEscape(str) {
    return String(str)
            .replace(/&/g, '&amp;')
            .replace(/"/g, '&quot;')
            .replace(/'/g, '&#39;')
            .replace(/</g, '&lt;')
            .replace(/>/g, '&gt;');
}

function htmlUnescape(value){
    return String(value)
        .replace(/&quot;/g, '"')
        .replace(/&#39;/g, "'")
        .replace(/&lt;/g, '<')
        .replace(/&gt;/g, '>')
        .replace(/&amp;/g, '&');
}

Source.

How to neutralize ' in javascript

1 Answers1