_htmlReplacer
protected
static
void
_htmlReplacer
(
match
)
Regex replacer for HTML escaping.
- Parameters:
-
match <String>Matched character (must exist in HTML_CHARS).
html
static
String
html
(
string
)
Returns a copy of the specified string with special HTML characters
escaped. The following characters will be converted to their
corresponding character entities:
& < > " ' / `
This implementation is based on the
OWASP
HTML escaping recommendations. In addition to the characters
in the OWASP recommendation, we also escape the `
character, since IE interprets it as an attribute delimiter when used in
innerHTML.
- Parameters:
-
string <String>String to escape.
- Returns:
String - Escaped string.
regex
static
String
regex
(
string
)
Returns a copy of the specified string with special regular expression
characters escaped, allowing the string to be used safely inside a regex.
The following characters, and all whitespace characters, are escaped:
- # $ ^ * ( ) + [ ] { } | \ , . ?
- Parameters:
-
string <String>String to escape.
- Returns:
String - Escaped string.