| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 |
- const escapeRE = /["'&<>]/
- export function escapeHtml(string: unknown): string {
- const str = '' + string
- const match = escapeRE.exec(str)
- if (!match) {
- return str
- }
- let html = ''
- let escaped: string
- let index: number
- let lastIndex = 0
- for (index = match.index; index < str.length; index++) {
- switch (str.charCodeAt(index)) {
- case 34: // "
- escaped = '"'
- break
- case 38: // &
- escaped = '&'
- break
- case 39: // '
- escaped = '''
- break
- case 60: // <
- escaped = '<'
- break
- case 62: // >
- escaped = '>'
- break
- default:
- continue
- }
- if (lastIndex !== index) {
- html += str.slice(lastIndex, index)
- }
- lastIndex = index + 1
- html += escaped
- }
- return lastIndex !== index ? html + str.slice(lastIndex, index) : html
- }
- // https://www.w3.org/TR/html52/syntax.html#comments
- const commentStripRE = /^-?>|<!--|-->|--!>|<!-$/g
- export function escapeHtmlComment(src: string): string {
- return src.replace(commentStripRE, '')
- }
- export const cssVarNameEscapeSymbolsRE: RegExp =
- /[ !"#$%&'()*+,./:;<=>?@[\\\]^`{|}~]/g
- export function getEscapedCssVarName(
- key: string,
- doubleEscape: boolean,
- ): string {
- return key.replace(cssVarNameEscapeSymbolsRE, s =>
- doubleEscape ? (s === '"' ? '\\\\\\"' : `\\\\${s}`) : `\\${s}`,
- )
- }
|
