| /*! |
| * escape-html |
| * Copyright(c) 2012-2013 TJ Holowaychuk |
| * Copyright(c) 2015 Andreas Lubbe |
| * Copyright(c) 2015 Tiancheng "Timothy" Gu |
| * MIT Licensed |
| */ |
| |
| 'use strict'; |
| |
| /** |
| * Module variables. |
| * @private |
| */ |
| |
| var matchHtmlRegExp = /["'&<>]/; |
| |
| /** |
| * Module exports. |
| * @public |
| */ |
| |
| module.exports = escapeHtml; |
| |
| /** |
| * Escape special characters in the given string of html. |
| * |
| * @param {string} string The string to escape for inserting into HTML |
| * @return {string} |
| * @public |
| */ |
| |
| function escapeHtml(string) { |
| var str = '' + string; |
| var match = matchHtmlRegExp.exec(str); |
| |
| if (!match) { |
| return str; |
| } |
| |
| var escape; |
| var html = ''; |
| var index = 0; |
| var lastIndex = 0; |
| |
| for (index = match.index; index < str.length; index++) { |
| switch (str.charCodeAt(index)) { |
| case 34: // " |
| escape = '"'; |
| break; |
| case 38: // & |
| escape = '&'; |
| break; |
| case 39: // ' |
| escape = '''; |
| break; |
| case 60: // < |
| escape = '<'; |
| break; |
| case 62: // > |
| escape = '>'; |
| break; |
| default: |
| continue; |
| } |
| |
| if (lastIndex !== index) { |
| html += str.substring(lastIndex, index); |
| } |
| |
| lastIndex = index + 1; |
| html += escape; |
| } |
| |
| return lastIndex !== index |
| ? html + str.substring(lastIndex, index) |
| : html; |
| } |
