[英]Escaping unquoted attributes
With quoted attributes, I already know the solution. 使用带引号的属性,我已经知道解决方案。
function encodeForHTML(str){
return str
.replace(/&/g, '&')
.replace(/"/g, '"')
.replace(/'/g, ''')
.replace(/</g, '<')
.replace(/>/g, '>')
.replace(/\//g, '/');
}
How about unquoted one? 没有报价的怎么样? Which characters must be escaped beside those 6 characters?
在这6个字符旁边必须转义哪些字符? And how can I implement it in JS?
以及如何在JS中实现呢?
According to the W3 HTML spec , the characters not allowed in unquoted attribute values are """, "'", "=", ">", "<", or "`" and the literal space character. (Oh, and the attribute value cannot be the empty string, either.) 根据W3 HTML规范 ,未加引号的属性值中不允许使用的字符为“”“,”'“,” =“,”>,“ <”或“`”和原义空格字符。属性值也不能为空字符串。)
I think the only additions to what you already have are the equal sign, back-quote, and space. 我认为对您现有内容的唯一补充就是等号,反引号和空格。 Note that you can also eliminate the forward slash ("/") from your list;
请注意,您也可以从列表中消除正斜杠(“ /”)。 it doesn't need encoding.
它不需要编码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.