Escape Class
yui3/src/escape/js/escape.js:1
Provides utility methods for escaping strings.
Index
Methods
- _htmlReplacer static
- html static
- regex static
Methods
_htmlReplacer
-
match
Regex replacer for HTML escaping.
Parameters:
-
match
StringMatched character (must exist in HTML_CHARS).
Returns:
HTML entity.
html
-
string
Returns a copy of the specified string with special HTML characters escaped. The following characters will be converted to their corresponding character entities:
& < > " ' / `
This implementation is based on the OWASP HTML escaping recommendations. In addition to the characters in the OWASP recommendations, we also escape the <code>`</code> character, since IE interprets it as an attribute delimiter.
If string is not already a string, it will be coerced to a string.
Parameters:
-
string
StringString to escape.
Returns:
Escaped string.
regex
-
string
Returns a copy of the specified string with special regular expression characters escaped, allowing the string to be used safely inside a regex. The following characters, and all whitespace characters, are escaped:
- $ ^ * ( ) + [ ] { } | \ , . ?
If string is not already a string, it will be coerced to a string.
Parameters:
-
string
StringString to escape.
Returns:
Escaped string.