Syntax
escapeHtml(html)
Description
Escapes the given html removing traces of offending characters that could be wrongfully interpreted as markup. The following characters are reserved in HTML and must be replaced with their corresponding HTML entities:
|
Parameters
Parameter name | Type | Required | Description |
---|---|---|---|
html | string | Yes | HTML to escape |
Return type
String
Returns the html input escaped.
Example
return escapeHtml("<html><script><img src=1 onerror=alert(1)></script></html>"); |
Returns "<html><script><img src=1 onerror=alert(1)></script></html>"