逃避更少/大于JavaScript [英] escape less / greater than javascript

问题描述

我有一个问题，试图逃避一些代码...基本上，我想逃脱<和>，但我希望他们在我的#output div中的APPEAR为<和>。目前，它们显示为&和&在页面上。

I'm having a problem trying to escape some code... Basically, I want to escape "<" and ">" but I want them to APPEAR in my #output div as "<" and ">". Currently, they appear as as "&lt;" and "&gt;" on the page.

这显然是为了防止任何人利用/注入页面上的脚本。这是我的代码：

This is obviously to prevent anyone exploiting / injecting scripts on the page. This is my code:

var textval = $("#textarea").val();                   //textarea

filtered = textval.replace(/</gi,"&lt;");           //replace "<"

$("#output").html(filtered);                     //insert textarea data into div

有人会发现我做错了什么，还是有更好的这样做的方法？

Can anybody spot what I am doing wrong, or are there any better ways of doing this?

非常感谢

编辑：我想要几个html标签（如< b> ;工作，所以我不能使用$ .text（）;不幸的是..）

I do want SOME html tags (like <b> to work, so I can't use $.text(); unfortunately..)

推荐答案

p>

Try this:

var textval = $("#textarea").val();
$("#output").text(textval);      

jQuery提供两种方法 - $ .text（）和$ .html（）方法名称说为自己：）

jQuery offers two methods - $.text() and $.html() where the method names speak for themselves :)

这篇关于逃避更少/大于JavaScript的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！