逃避更少/大于JavaScript [英] escape less / greater than javascript
问题描述
我有一个问题,试图逃避一些代码...基本上,我想逃脱<和>,但我希望他们在我的#output div中的APPEAR为<和>。目前,它们显示为&和&在页面上。
I'm having a problem trying to escape some code... Basically, I want to escape "<" and ">" but I want them to APPEAR in my #output div as "<" and ">". Currently, they appear as as "<" and ">" on the page.
这显然是为了防止任何人利用/注入页面上的脚本。这是我的代码:
This is obviously to prevent anyone exploiting / injecting scripts on the page. This is my code:
var textval = $("#textarea").val(); //textarea
filtered = textval.replace(/</gi,"<"); //replace "<"
$("#output").html(filtered); //insert textarea data into div
有人会发现我做错了什么,还是有更好的这样做的方法?
Can anybody spot what I am doing wrong, or are there any better ways of doing this?
非常感谢
编辑:我想要几个html标签(如< b> ;工作,所以我不能使用$ .text();不幸的是..)
I do want SOME html tags (like <b> to work, so I can't use $.text(); unfortunately..)
推荐答案
p>
Try this:
var textval = $("#textarea").val();
$("#output").text(textval);
jQuery提供两种方法 - $ .text()和$ .html()方法名称说为自己:)
jQuery offers two methods - $.text() and $.html() where the method names speak for themselves :)
这篇关于逃避更少/大于JavaScript的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!