HTML-encoding lost when attribute read from input field

前端 未结 25 3909
时光说笑
时光说笑 2020-11-21 04:04

I’m using JavaScript to pull a value out from a hidden field and display it in a textbox. The value in the hidden field is encoded.

For example,



        
相关标签:
25条回答
  • 2020-11-21 04:53

    Underscore provides _.escape() and _.unescape() methods that do this.

    > _.unescape( "chalk & cheese" );
      "chalk & cheese"
    
    > _.escape( "chalk & cheese" );
      "chalk & cheese"
    
    0 讨论(0)
  • 2020-11-21 04:54

    My pure-JS function:

    /**
     * HTML entities encode
     *
     * @param {string} str Input text
     * @return {string} Filtered text
     */
    function htmlencode (str){
    
      var div = document.createElement('div');
      div.appendChild(document.createTextNode(str));
      return div.innerHTML;
    }
    

    JavaScript HTML Entities Encode & Decode

    0 讨论(0)
  • 2020-11-21 04:55

    If you want to use jQuery. I found this:

    http://www.jquerysdk.com/api/jQuery.htmlspecialchars

    (part of jquery.string plugin offered by jQuery SDK)

    The problem with Prototype I believe is that it extends base objects in JavaScript and will be incompatible with any jQuery you may have used. Of course, if you are already using Prototype and not jQuery, it won't be a problem.

    EDIT: Also there is this, which is a port of Prototype's string utilities for jQuery:

    http://stilldesigning.com/dotstring/

    0 讨论(0)
  • 2020-11-21 04:59
    var htmlEnDeCode = (function() {
        var charToEntityRegex,
            entityToCharRegex,
            charToEntity,
            entityToChar;
    
        function resetCharacterEntities() {
            charToEntity = {};
            entityToChar = {};
            // add the default set
            addCharacterEntities({
                '&'     :   '&',
                '>'      :   '>',
                '&lt;'      :   '<',
                '&quot;'    :   '"',
                '&#39;'     :   "'"
            });
        }
    
        function addCharacterEntities(newEntities) {
            var charKeys = [],
                entityKeys = [],
                key, echar;
            for (key in newEntities) {
                echar = newEntities[key];
                entityToChar[key] = echar;
                charToEntity[echar] = key;
                charKeys.push(echar);
                entityKeys.push(key);
            }
            charToEntityRegex = new RegExp('(' + charKeys.join('|') + ')', 'g');
            entityToCharRegex = new RegExp('(' + entityKeys.join('|') + '|&#[0-9]{1,5};' + ')', 'g');
        }
    
        function htmlEncode(value){
            var htmlEncodeReplaceFn = function(match, capture) {
                return charToEntity[capture];
            };
    
            return (!value) ? value : String(value).replace(charToEntityRegex, htmlEncodeReplaceFn);
        }
    
        function htmlDecode(value) {
            var htmlDecodeReplaceFn = function(match, capture) {
                return (capture in entityToChar) ? entityToChar[capture] : String.fromCharCode(parseInt(capture.substr(2), 10));
            };
    
            return (!value) ? value : String(value).replace(entityToCharRegex, htmlDecodeReplaceFn);
        }
    
        resetCharacterEntities();
    
        return {
            htmlEncode: htmlEncode,
            htmlDecode: htmlDecode
        };
    })();
    

    This is from ExtJS source code.

    0 讨论(0)
  • 2020-11-21 05:01

    I had a similar problem and solve it using the function encodeURIComponent from JavaScript (documentation)

    For example, in your case if you use:

    <input id='hiddenId' type='hidden' value='chalk & cheese' />
    

    and

    encodeURIComponent($('#hiddenId').attr('value'))
    

    you will get chalk%20%26%20cheese. Even spaces are kept.

    In my case, I had to encode one backslash and this code works perfectly

    encodeURIComponent('name/surname')
    

    and I got name%2Fsurname

    0 讨论(0)
  • 2020-11-21 05:01

    function encodeHTML(str) {
        return document.createElement("a").appendChild( 
            document.createTextNode(str)).parentNode.innerHTML;
    };
    
    function decodeHTML(str) {
        var element = document.createElement("a"); 
        element.innerHTML = str;
        return element.textContent;
    };
    var str = "<"
    var enc = encodeHTML(str);
    var dec = decodeHTML(enc);
    console.log("str: " + str, "\nenc: " + enc, "\ndec: " + dec);

    0 讨论(0)
提交回复
热议问题