js特殊字元轉義
阿新 • • 發佈:2018-12-13
/** * 特殊字元轉義 防止XSS攻擊 用於特殊字元正常顯示 * @param text * @constructor */ function StringFilter(str) { var s = ""; if (str.length === 0) { return ""; } s = str.replace(/&/g, "&"); s = s.replace(/</g, "<"); s = s.replace(/>/g, ">"); s = s.replace(/ /g, " "); s = s.replace(/\'/g, "'"); s = s.replace(/\"/g, """); return s; } /** * 轉義字元還原成html字元 * @param str * @returns {string} * @constructor */ function StringValFilter(str) { var s = ""; if (str.length === 0) { return ""; } s = str.replace(/&/g, "&"); s = s.replace(/</g, "<"); s = s.replace(/>/g, ">"); s = s.replace(/ /g, " "); s = s.replace(/'/g, "\'"); s = s.replace(/"/g, "\""); return s; }