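// Named character references for the four characters `encode` rewrites.
const characterReferences = {'"': 'quot', '&': 'amp', '<': 'lt', '>': 'gt'}

/**
 * Encode only the dangerous HTML characters.
 *
 * Rewrites `"`, `&`, `<`, and `>` as the named character references
 * `&quot;`, `&amp;`, `&lt;`, and `&gt;`; every other character is passed
 * through unchanged.
 * Technically, we can skip `>` and `"` in many cases, but CM includes them.
 *
 * Security notes:
 * - `'` is not encoded, so the result is only appropriate for HTML text
 *   content and double-quoted attribute values. Single-quoted or unquoted
 *   attributes, and script, style, or URL contexts, need escaping suited to
 *   that context.
 * - Every `&` is rewritten, so input that is already encoded gets encoded
 *   again (`&amp;` becomes `&amp;amp;`). Call this once, at output time.
 *
 * @param {string} value
 *   Value to encode.
 * @returns {string}
 *   Encoded value.
 */
export function encode(value) {
  return value.replace(/["&<>]/g, replace)

  /**
   * @param {string} value
   *   Matched character; the pattern above only matches keys of
   *   `characterReferences`.
   * @returns {string}
   *   The corresponding `&name;` reference.
   */
  function replace(value) {
    // A precise cast instead of a blanket `@ts-expect-error`, so other type
    // errors on this expression are still reported.
    return (
      '&' +
      characterReferences[
        /** @type {keyof typeof characterReferences} */ (value)
      ] +
      ';'
    )
  }
}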