)
}
}
)
(
}
{
)
)
(
)
(
(
{
}
)
(
)
}
)
)
{
(
(
)
)
}
)
(
}
AboutAll PostsWarningRandom

Escape HTML

  1. const el = document.createElement('div')
  2. const txt = document.createElement('textarea')
  3. txt.innerHTML = '&times; &copy; <script>alert("bang!")<\/script>'
  4. el.innerText = txt.innerText
  5. document.body.appendChild(el)
  6.  
  7. const theHtml = document.createElement('div')
  8. theHtml.innerText = txt.innerHTML
  9. document.body.appendChild(theHtml)

Just a hack to escape html strings… guessing most would use a lib for this…

// html // strings // tricks

Recent

Archive

RSS
snippet.zone ~ 2021-24 /// {s/z}