@daogurtsov
Created December 1, 2013 21:57
XSS escaping and parsing of HTML entities
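// Characters that must be encoded before untrusted text is placed into an
// HTML document, mapped to their entity form. This covers HTML text and
// quoted-attribute contexts only; values that land in a script, URL or CSS
// context need a context-specific encoder instead.
var entityMap = {
  // Fix: the original mapped "&" to itself, so ampersands were never
  // encoded. That made the escaping non-injective (input "&lt;" passed
  // through unchanged) and broke the round trip with parseHtml, whose
  // htmlMap expects "&amp;".
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': '&quot;',
  "'": '&#39;',
  "/": '&#x2F;'
};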
// Inverse of entityMap: the six entities produced by escapeHtml, mapped
// back to the literal character each one stands for. Only these six are
// decoded; any other entity is left untouched by parseHtml.
var htmlMap = {
  '&lt;': '<',
  '&gt;': '>',
  '&amp;': '&',
  '&quot;': '"',
  '&#39;': "'",
  '&#x2F;': '/'
};
/**
 * Encode the characters that are significant in HTML text and quoted
 * attributes (& < > " ' /) using the entityMap table.
 *
 * @param {*} string - value to escape; non-strings are coerced with String(),
 *   so null and undefined become the literal words "null" / "undefined"
 * @returns {string} the escaped text
 */
function escapeHtml(string) {
  var text = String(string);
  var toEntity = function (ch) {
    return entityMap[ch];
  };
  return text.replace(/[&<>"'\/]/g, toEntity);
}
/**
 * Decode the six entities emitted by escapeHtml back to their literal
 * characters using htmlMap. Despite the name this does not parse markup;
 * it is a single-pass entity decoder and the inverse of escapeHtml.
 *
 * @param {*} string - value to decode; non-strings are coerced with String()
 * @returns {string} the decoded text
 */
function parseHtml(string) {
  var entityPattern = /&amp;|&lt;|&gt;|&quot;|&#39;|&#x2F;/g;
  var text = String(string);
  return text.replace(entityPattern, function (entity) {
    return htmlMap[entity];
  });
}
// Sample document used to exercise the escaper: nested objects, an array
// with mixed element types, and string values containing markup that must
// not reach the DOM unescaped. Every string below is reproduced verbatim.
var json = {
  key1: "<IMG SRC=JaVaScRiPt:alert('XSS')>",
  key2: {
    key3: "></SCRIPT>\">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT>",
    key4: "'';!--\"<XSS>=&{()}",
    key5: [
      { key6: "<SCRIPT SRC=http://ha.ckers.org/xss.js></SCRIPT>" },
      { key7: "<IMG SRC=\"javascript:alert('XSS');\">" },
      "<IMG SRC=JaVaScRiPt:alert('XSS')>",
      {
        key9: {
          key10: "<SCRIPT/SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT>",
          key11: "<iframe src=http://ha.ckers.org/scriptlet.html <"
        }
      }
    ]
  }
};
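/**
 * Walk a JSON-like value and replace every string leaf with func(leaf),
 * writing the result back into the same object. The input is mutated in
 * place and also returned, which is what the original jQuery $.each based
 * version did; the jQuery dependency is dropped so the helper works with
 * plain JavaScript. Numbers, booleans, functions and null/undefined leaves
 * are left as they are. Unlike the original, an empty string is passed to
 * func as well (no difference for escapeHtml / parseHtml, which map "" to "").
 *
 * Escaping at this layer only covers HTML text and quoted-attribute
 * contexts. A value that is later placed into a URL, an inline script or a
 * CSS rule still needs the encoder for that context at the point of use.
 *
 * @param {Object|Array} json - object or array to walk; non-objects are
 *   returned unchanged
 * @param {function(string): string} func - transform applied to each string
 * @returns {Object|Array} the same json reference, transformed in place
 */
function recursiveJsonParse(json, func) {
  // Nothing to walk: primitives and null/undefined are returned untouched
  // (the original tolerated these because $.each iterated nothing for them).
  if (json == null || typeof json !== "object") {
    return json;
  }
  // Own enumerable keys only, so inherited entries are never rewritten.
  var keys = Object.keys(json);
  for (var i = 0; i < keys.length; i++) {
    var key = keys[i];
    var val = json[key];
    if (val == null) {
      continue;
    }
    if (typeof val === "string") {
      json[key] = func(val);
    } else if (typeof val === "object") {
      // Arrays and nested objects are rewritten in place; no reassignment
      // is needed because the recursion mutates the same reference.
      recursiveJsonParse(val, func);
    }
  }
  return json;
}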
// Show the sample before and after escaping. recursiveJsonParse writes into
// its argument, so `parsed` is the very same object as `json` (jQuery's
// $.each returns the collection it iterated); the first log is the only
// chance to see the unescaped values.
console.log(json);
var parsed = recursiveJsonParse(json, escapeHtml);
console.log(parsed);
// To undo the escaping, run the same walk with the decoder:
//   var reverse = recursiveJsonParse(parsed, parseHtml);
//   console.log(reverse);