April Hall
a65fc60f7a
Doing this so that I don't have to worry about it when I implement markdown later, as the escaped string will be passed to the markdown renderer, so that arbitrary HTML written in the message box will not be rendered, but HTML from the markdown parser will.
4 lines
192 B
TypeScript
4 lines
192 B
TypeScript
export default function escapeHTML(text: string) {
|
|
return text.replaceAll('&', '&').replaceAll('<', '<').replaceAll('>', '>').replaceAll('"', '"').replaceAll("'", ''');
|
|
}
|