htmlentities() is a PHP function which converts special characters (like <) into their escaped/encoded values (like <). This allows you to show to display the string without the browser reading it as HTML.
JavaScript doesn’t have a native version of it. If you just need the very basics to so that the browser won’t interpret as HTML, this should work fine (via James Padolsey and I got a a similar idea from David Walsh).
function htmlEntities(str) {
return String(str).replace(/&/g, '&').replace(/</g, '<').replace(/>/g, '>').replace(/"/g, '"');
}
The PHP.js project, which is a project to port over all of PHP’s native functions to JavaScript, contains an example as well. I tried it and it works, but I’ve been warned much of the code from that project is poorly written, so I’ve kept it simple and used the above.
I use the following two functions, in my opinion a very solid, complete and easy method.
This particulary example uses jQuery but the principe isn’t dependant on jQuery:
Can you show an example of the above jquery encoding working on a form?
Is this right?
Thanks a lot haha! It’ll solve a lot of problems with AJAX for me :D
This is nice hack but it’s not useful for high scale web applications where the performance is crucial. This portion of code creates a dummy DOM element to manipulate the text inside, DOM method calls are the most resource taking methods. I would prefer using multiple replaces applied to the string rather than creating and destroying a dummy DOM element.
Sure, here you go:
http://krinkle-tools.grizzdesign.nl/js-htmlentities.html
Thanks for the two functions, that helped me out of a pickle working with a serialized query string.
Thanks for the info!! (^_^)b
the problem with the jQuery approach is if your text contains htmlentities, e.g.
$(”).text(‘&’).html()
outputs:
“&”
maybe not what you want…..
entities filtered in above post. should read:
$(‘<p>’).text(‘&’).html()
will output
&amp;
Your example proves that it works perfectly.
htmlEntities(‘&’) SHOULD return ‘&’
To test it see if you can the same value when encoding and decoding back.
Thanks it helped..:)?
Sure it works when you post, but what about saving
The problem with this approach, as Buzz alluded to, is that all ampersands, even if already properly html-ized, will be matched, resulting in things like
htmlentities("&") == "&amp;"
andhtmlentities(htmlentities("<")) == "&lt;"
(not that you’d do the latter, but just to illustrate the point). You want to pad the ampersand regex. Just a space will work for most cases, i.e.:or you can get fancier with something along the lines of:
Why not just replace all
&
with an&
as the first replace method? This solves the problem of double-encoding ampersands.This works for me quite well.
There is no problem with this: that behaviour is totally correct.
If you use PHP own htmlentities(‘Me & myself’) it will correctly return ‘Me & myself’. And that is the correct way to code in HTML if you want the text ‘Me & myself’ (as it is) to appear on the page.
And if you encode it again, it will become ‘Me && myself’, and this too is correct.
“Even if already properly html-ized” is a total nonsense.
If an instructional page wants to show you how to write entities and wants & to appear on the page, it has to write & for the & and then ‘amp;’ as it is, so the HTML code becomes & and that is it.
The fact that & was “already properly html-ized” in your mind makes no diffrence for the HTML code and parser…
How does one do the opposite of this? I want to show the interpreted html entity in js. Example:
Would like ‘textNext’ to output as Go to step two »
Please note that this doesn’t do the same as the PHP function. The PHP function uses HTML entities; while this function uses XML ones.
For example, this function leaves
Orléans
unaltered, while the PHP function turns that string intoOrléans
.Helped me a lot… krEncodeEntities, krDencodeEntities solved my problem…
I may be late to the party, but here’s my take. This will encode entities from an innerHTML string safely and (mostly) by name, with an optional truthy parameter to encode everything (meaning <, >, and &). String.prototype.encodeHTMLEntities (1.45 KB)
function htmlEntities(str) {
return String(str).replace(/&/g, '&').replace(/</g, '<').replace(/>/g, '>').replace(/"/g, '"').replace(/'/g,'&apos');
}
Thank you for this script. I have added this
.replace(/'/g,'&apos')
end of the line. Maybe it will be helpcheck out this code plz
$(“body”).text($(“body”).html());
one line code ;)
The solution Chris posted here works fine.
However, some of the comments on this page discuss extended implementations that not only escape unsafe characters, but also encode any non-ASCII characters. I just want to say: encoding/decoding HTML entities in JavaScript is harder than it seems.
Here’s a list of common problems in HTML entity encoding/decoding scripts. All the solutions linked to in the comments have at least one of the issues mentioned there. My he library handles all these things perfectly.
This tricked saved my day! Thanks for the simple solution !
I was going to recommend the excellent he library (written by Mathias Bynens), but I see Mathias already took care of that himself. Unless you’re 100% sure the string you need to encode does not contain any special characters, the he library is the only way to go.
excellent Krinkle!!!!!!! use your comment
I think we no need to encode the & and ” and ‘.
We just need to encode <, >, space and TAB.
And I heard, Numbered HtmlEntity Code is more supported, so…
My code is below.
String.prototype.enHtmlEntity = function(){return enHtmlEntity(this);};
String.prototype.deHtmlEntity = function(){return deHtmlEntity(this);};
/**
* HTML字符串编码为实体字符串
* @author Zhao Xin
* @email [email protected]
* @param {String} str HTML普通字符串
* @return {String} HTML实体字符串
*/
function enHtmlEntity(str){
return String(str).replace(//g, ‘>’)
.replace(/[ ]/g, ‘ ’)
.replace(/\t/g, ‘’);
} /* end of function enHtmlEntity */
/**
* HTML实体解码为普通字符
* @author Zhao Xin
* @email [email protected]
* @param {String} str HTML实体字符串
* @return {String} HTML普通字符串
*/
function deHtmlEntity(str){
return String(str).replace(/\<\;/gi, ”)
.replace(/\ \;/gi, ‘ ‘)
.replace(/\­\;/gi, ‘\t’);
} /* end of function deHtmlEntity */
Thanks for this. Quick and easy fix.
This function replaces most common character names and all character numbers.
(last version)
I missed the single quote and added it to the function. Here it is:
function htmlEntities(str) {
return String(str)
.replace(/&/g, ‘&’)
.replace(/</g, ‘<‘)
.replace(/>/g, ‘>’)
.replace(/”/g, ‘"’)
.replace(/’/g, ‘'’)
;
}