Escapes a string for use in HTML.
Use String.prototype.replace()
with a regexp that matches the characters that need to be escaped, using a callback function to replace each character instance with its associated escaped character using a dictionary (object).
代码片段
const escapeHTML = str =>
str.replace(
/[&<>'"]/g,
tag =>
({
'&': '&',
'<': '<',
'>': '>',
"'": ''',
'"': '"'
}[tag] || tag)
);
使用样例
escapeHTML('<a href="#">Me & you</a>'); // '<a href="#">Me & you</a>'