@ThaddeusJiang
Last active May 7, 2020 01:42
XSS handling escapeHtml.js
// XSS handling
// Replaces HTML-significant characters with entities; non-string values are returned unchanged.
function escapeHtml(value) {
  if (typeof value !== 'string') {
    return value
  }
  return value.replace(/[&<>`"'\/]/g, function(result) {
    return {
      '&': '&amp;',
      '<': '&lt;',
      '>': '&gt;',
      '`': '&#x60;',
      '"': '&quot;',
      "'": '&#x27;',
      '/': '&#x2f;',
    }[result]
  })
}
@gagayang

Hello, how do I use this JS???

@cjfff

cjfff commented May 3, 2020

> Hello, how do I use this JS???

Copy it, then escapeHtml(your_html_string) ...
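
Added example (not part of the gist or its comments): one way to apply `escapeHtml` to every untrusted value when building markup. The `safeHtml` helper and the sample inputs are hypothetical; the escaping covers element text and quoted attribute values, not unquoted attributes, URLs or script contexts.

```javascript
// Copy of the gist's escapeHtml, kept here so the example runs on its own.
function escapeHtml(value) {
  if (typeof value !== 'string') {
    return value
  }
  const map = {
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '`': '&#x60;',
    '"': '&quot;', "'": '&#x27;', '/': '&#x2f;',
  }
  return value.replace(/[&<>`"'\/]/g, function (ch) {
    return map[ch]
  })
}

// Hypothetical helper (not in the gist): a tagged template that escapes every
// interpolated value. Values are coerced with String() first, because
// escapeHtml returns non-strings unchanged and an object with a custom
// toString() would otherwise reach the markup unescaped.
function safeHtml(strings, ...values) {
  return strings.reduce(function (out, chunk, i) {
    const v = i < values.length ? escapeHtml(String(values[i])) : ''
    return out + chunk + v
  }, '')
}

// Constructed sample input: untrusted values as they might arrive from a form.
const comment = '<img src=x onerror=alert(1)>'
const nickname = '" onmouseover="alert(1)'
const sneaky = { toString: function () { return '<b>hi</b>' } }

function renderComment() {
  // Element text and a double-quoted attribute: the contexts this escaping covers.
  return safeHtml`<p title="${nickname}">${comment}</p>`
}

function renderObject() {
  // The object is stringified, then escaped, instead of passing through as-is.
  return safeHtml`<span>${sneaky}</span>`
}

console.log(renderComment())
console.log(renderObject())
```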
