When I submit/POST data to the server, I need to HTMLencode its characters (the relevant ones), since disabling input check by setting validationRequest = false is not a good practice.
当我向服务器提交/发布数据时,我需要对其字符(相关字符)进行HTMLencode,因为通过设置validationRequest = false禁用输入检查不是一个好的实践。
All solutions are finally replacing chars in string:
所有的解决方案最终以字符串形式替换chars:
This is what i've written.
这就是我写的。
function htmlEncode(str) {
str = str.replace(/\&/g, "&");
str = str.replace(/\</g, "<");
str = str.replace(/\>/g, ">");
str = str.replace(/ /g, " ");
return str;
}
But apprently regex could be replaced with something much faster (don't get me wrong - I love regex).
但是,regex很可能会被更快的东西取代(不要误解,我喜欢regex)。
Also, working with indexes + sub-strings seems wasteful.
此外,使用索引+子字符串似乎也很浪费。
What is the fastest way of doing it?
最快的方法是什么?
3 个解决方案
#1
9
function htmlEncode(str) {
return String(str)
.replace(/&/g, '&')
.replace(/"/g, '"')
.replace(/'/g, ''')
.replace(/</g, '<')
.replace(/>/g, '>');
}
jsperf tests show this method is fast and possibly the fastest option if you're in a recent browser version
jsperf测试表明,如果您在最近的浏览器版本中,这个方法是快速的,并且可能是最快的选择。
anothre way to also like this
也喜欢这样
function htmlEncode(value){
return $('<div/>').text(value).html();
}
function htmlDecode(value){
return $('<div/>').html(value).text();
}
#2
0
function htmlEncode(value){
if (value) {
return jQuery('<div />').text(value).html();
} else {
return '';
}
}
function htmlDecode(value) {
if (value) {
return $('<div />').html(value).text();
} else {
return '';
}
}
#3
0
If you are just encoding HTML entities, you can try:
如果你只是编码HTML实体,你可以尝试:
function htmlEncode(str) {
var d = document.createElement('b');
d.innerText = str;
return d.innerHTML;
}
This way is not the fastest. This test indicates that regExp is faster: http://jsperf.com/encodehtml
这种方式不是最快的。这个测试表明regExp更快:http://jsperf.com/encodehtml
However, the difference seems to be smaller the more HTML you consume.
但是,差异似乎更小,您使用的HTML越多。
The innerText method seems more reliable as it will exploit the native browser conversion tables for entities. With RegExp, there is always a chance that you missed something and as some previous answers indicate, consuming HTML using RegExp is not always optimal.
innerText方法看起来更可靠,因为它将为实体利用本机浏览器转换表。使用RegExp时,总是有可能会漏掉某些内容,正如前面的一些答案所示,使用RegExp使用HTML并不总是最优的。
#1
9
function htmlEncode(str) {
return String(str)
.replace(/&/g, '&')
.replace(/"/g, '"')
.replace(/'/g, ''')
.replace(/</g, '<')
.replace(/>/g, '>');
}
jsperf tests show this method is fast and possibly the fastest option if you're in a recent browser version
jsperf测试表明,如果您在最近的浏览器版本中,这个方法是快速的,并且可能是最快的选择。
anothre way to also like this
也喜欢这样
function htmlEncode(value){
return $('<div/>').text(value).html();
}
function htmlDecode(value){
return $('<div/>').html(value).text();
}
#2
0
function htmlEncode(value){
if (value) {
return jQuery('<div />').text(value).html();
} else {
return '';
}
}
function htmlDecode(value) {
if (value) {
return $('<div />').html(value).text();
} else {
return '';
}
}
#3
0
If you are just encoding HTML entities, you can try:
如果你只是编码HTML实体,你可以尝试:
function htmlEncode(str) {
var d = document.createElement('b');
d.innerText = str;
return d.innerHTML;
}
This way is not the fastest. This test indicates that regExp is faster: http://jsperf.com/encodehtml
这种方式不是最快的。这个测试表明regExp更快:http://jsperf.com/encodehtml
However, the difference seems to be smaller the more HTML you consume.
但是,差异似乎更小,您使用的HTML越多。
The innerText method seems more reliable as it will exploit the native browser conversion tables for entities. With RegExp, there is always a chance that you missed something and as some previous answers indicate, consuming HTML using RegExp is not always optimal.
innerText方法看起来更可靠,因为它将为实体利用本机浏览器转换表。使用RegExp时,总是有可能会漏掉某些内容,正如前面的一些答案所示,使用RegExp使用HTML并不总是最优的。