Is there js function that replace xml Special Character with their escape sequence?

Question

I search the web alot and didn't find js function that replace xml Special Character with their escape sequence?
Is there something like this?

I know about the following:

Special Character   Escape Sequence Purpose  
&                   &amp;           Ampersand sign 
'                   &apos;          Single quote 
"                   &quot;          Double quote
>                   &gt;            Greater than 
<                   &lt;            Less than

is there more? what about writing hexadecimal value like 0×00,
Is this also a problem?

possible duplicate of [how to escape xml entities in javascript?](http://stackoverflow.com/questions/7918868/how-to-escape-xml-entities-in-javascript) — sudhansu63, Sep 22 '15 at 08:30

score 13 · Answer 1 · edited Nov 02 '20 at 09:00

13

I have used this:

function htmlSpecialChars(unsafe) {
    return unsafe
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&apos;");
}

edited Nov 02 '20 at 09:00

Ollie

1,641
1
13
31

answered Mar 27 '12 at 14:17

nathanjosiah

4,441
4
35
47

2

and don't forget .replace(/'/g, "'") – Abacus Jun 05 '15 at 19:07

score 3 · Accepted Answer · answered Mar 27 '12 at 14:12

3

There's an interesting JS library here: Client side HTML encoding and decoding

answered Mar 27 '12 at 14:12

Barry Kaye

7,682
6
42
64

Are you familiar with similar function to C++? – Dor Cohen Mar 28 '12 at 08:07
@DorCohen - no unfortunately not. – Barry Kaye Mar 28 '12 at 08:46

score 2 · Answer 3 · answered Mar 27 '12 at 14:08

2

You could use PHP's htmlspecialchars from the PHPJS project.

answered Mar 27 '12 at 14:08

Alex Turpin

46,743
23
113
145

I need javascript, it's on client side – Dor Cohen Mar 27 '12 at 14:09
@DorCohen Yes. Check the links in my post. – Alex Turpin Mar 27 '12 at 14:09
Thanks for the answer, I used @Barry Kaye solution because it's works better for me, If I can choose 2 answers I would choose you to but +1 – Dor Cohen Mar 27 '12 at 15:06
Are you familiar with similar function to C++? – Dor Cohen Mar 28 '12 at 08:07

score 1 · Answer 4 · answered Sep 14 '17 at 18:28

This is similar to Can I escape html special chars in javascript?

The accepted answer there is this:

function escapeHtml(unsafe) {
    return unsafe
         .replace(/&/g, "&amp;")
         .replace(/</g, "&lt;")
         .replace(/>/g, "&gt;")
         .replace(/"/g, "&quot;")
         .replace(/'/g, "&#039;");
 }

However, if you're using lodash, then I like cs01's answer from that post:

_.escape('fred, barney, & pebbles');
// => 'fred, barney, &amp; pebbles'

score 0 · Answer 5 · answered Oct 16 '18 at 22:01

This is old, but my favorite way to do it is to let the browser figure it out:

function encodeXML(data){
    var d = document.createElement('div');
    d.appendChild(document.createTextNode(data));
    return d.innerHTML;
}

encodeXML('&');

Output:

"&"

You could also use d.innerText = data; or d.textContent = data;, but createTextNode() has the most browser support.

score 0 · Answer 6 · answered Mar 27 '12 at 14:11

Those are the only characters you need to worry about.

Generally you should be using a DOM interface to build XML documents then you don't need to worry about manually escaping things. That only becomes an issue if you are mashing together strings to build the XML.

Is there js function that replace xml Special Character with their escape sequence?

6 Answers6