Editing html escaping via dom This edit will create a new revision. Your details (optional) Name Email (won’t be displayed; might be used for Gravatar) URL Test case details Title * Published (uncheck if you want to fiddle around before making the page public) Description (in case you feel further explanation is needed)(Markdown syntax is allowed) Are you a spammer? (just answer the question) Preparation code Preparation code HTML (this will be inserted in the <body> of a valid HTML5 document in standards mode) (useful when testing DOM operations or including libraries) Include JavaScript libraries as follows: <script src="//cdn.ext/library.js"></script> Define setup for all tests (variables, functions, arrays or other objects that will be used in the tests) (runs before each clocked test loop, outside of the timed code region) (e.g. define local test variables, reset global variables, clear canvas, etc.) (see FAQ) function coerceToString(val) { return String((val === null || val === undefined) ? '' : val); } var rAmp = /&/g, rLt = /</g, rGt = />/g, rApos = /\'/g, rQuot = /\"/g, hChars = /[&<>\"\']/; var dom_escape = (function() { var el = document.createElement('b'); if (el.textContent) {return (function(str) { return hChars.test(str) ? (el.textContent = coerceToString(str), el.innerHTML) : str; })} else {return (function(str) { return hChars.test(str) ? (el.innerText = coerceToString(str), el.innerHTML) : str; })} })(); var hogan_escape = (function() { return (function(str) { str = coerceToString(str); return hChars.test(str) ? str.replace(rAmp, '&').replace(rLt, '<').replace(rGt, '>').replace(rApos, ''').replace(rQuot, '"') : str; }); })(); var split_escape = function(str) { var input = coerceToString(str).split(/([&<>\"\'])/g); var inputLengthM1 = input.length-1; var output = []; for (var i = 0; i < inputLengthM1; i += 2) { var c = input[i+1]; output.push(input[i]); output.push( c == "'" ? ''' : c == '"' ? '"' : c == '&' ? '&' : c == '<' ? '<' : '>'); } output.push(input[inputLengthM1]); return output.join(''); } var split_concat_escape = function(str) { var input = coerceToString(str).split(/([&<>\"\'])/g); var inputLengthM1 = input.length-1; var output = input[inputLengthM1]; for (var i = 0; i < inputLengthM1; i += 2) { var c = input[i+1]; output = input[i] + ( c == "'" ? ''' : c == '"' ? '"' : c == '&' ? '&' : c == '<' ? '<' : '>') + output; } return output; } var roseta = { "'" : ''', '"' : '"', '&' : '&', '<' : '<' , '>' : '>'}; var split_concat_hash_escape = function(str) { var input = coerceToString(str).split(/([&<>\"\'])/g); var inputLengthM1 = input.length-1; var output = input[inputLengthM1]; for (var i = 0; i < inputLengthM1; i += 2) output = input[i] + roseta[input[i+1]] + output; return output; } Define teardown for all tests (runs after each clocked test loop, outside of the timed code region) (see FAQ) Code snippets to compare Test 1 Title Async (check if this is an asynchronous test) Code dom_escape("It's a kind of magic"); dom_escape("Can you feel the love tonight"); dom_escape("<EVIL> & <EVAL>"); dom_escape("Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec libero purus, consequat ac vulputate vitae, sodales ut elit. Proin vel cursus libero. Vivamus facilisis sagittis sem, quis dictum diam suscipit a. In hac habitasse platea dictumst.<> Curabitur dapibus velit at felis dapibus ullamcorper. Vestibulum in orci suscipit tellus vestibulum interdum. Sed eu nisl id eros sollicitudin tempor at a felis. Morbi ac consequat felis. Morbi dapibus gravida erat, vitae porta dolor pharetra non. Suspendisse ac urna ut odio consequat tristique. In volutpat massa eget erat scelerisque pharetra tempus nisi auctor. Vestibulum ante ipsum primis in faucibus orci luctus et ultrices posuere cubilia Curae; Donec vel massa dolor. Nulla facilisi."); Test 2 Title Async (check if this is an asynchronous test) Code hogan_escape("It's a kind of magic"); hogan_escape("Can you feel the love tonight"); hogan_escape("<EVIL> & <EVAL>"); hogan_escape("Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec libero purus, consequat ac vulputate vitae, sodales ut elit. Proin vel cursus libero. Vivamus facilisis sagittis sem, quis dictum diam suscipit a. In hac habitasse platea dictumst.<> Curabitur dapibus velit at felis dapibus ullamcorper. Vestibulum in orci suscipit tellus vestibulum interdum. Sed eu nisl id eros sollicitudin tempor at a felis. Morbi ac consequat felis. Morbi dapibus gravida erat, vitae porta dolor pharetra non. Suspendisse ac urna ut odio consequat tristique. In volutpat massa eget erat scelerisque pharetra tempus nisi auctor. Vestibulum ante ipsum primis in faucibus orci luctus et ultrices posuere cubilia Curae; Donec vel massa dolor. Nulla facilisi."); Test 3 Title Async (check if this is an asynchronous test) Code split_escape("It's a kind of magic"); split_escape("Can you feel the love tonight"); split_escape("<EVIL> & <EVAL>"); split_escape("Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec libero purus, consequat ac vulputate vitae, sodales ut elit. Proin vel cursus libero. Vivamus facilisis sagittis sem, quis dictum diam suscipit a. In hac habitasse platea dictumst.<> Curabitur dapibus velit at felis dapibus ullamcorper. Vestibulum in orci suscipit tellus vestibulum interdum. Sed eu nisl id eros sollicitudin tempor at a felis. Morbi ac consequat felis. Morbi dapibus gravida erat, vitae porta dolor pharetra non. Suspendisse ac urna ut odio consequat tristique. In volutpat massa eget erat scelerisque pharetra tempus nisi auctor. Vestibulum ante ipsum primis in faucibus orci luctus et ultrices posuere cubilia Curae; Donec vel massa dolor. Nulla facilisi."); Test 4 Title Async (check if this is an asynchronous test) Code split_concat_escape("It's a kind of magic"); split_concat_escape("Can you feel the love tonight"); split_concat_escape("<EVIL> & <EVAL>"); split_concat_escape("Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec libero purus, consequat ac vulputate vitae, sodales ut elit. Proin vel cursus libero. Vivamus facilisis sagittis sem, quis dictum diam suscipit a. In hac habitasse platea dictumst.<> Curabitur dapibus velit at felis dapibus ullamcorper. Vestibulum in orci suscipit tellus vestibulum interdum. Sed eu nisl id eros sollicitudin tempor at a felis. Morbi ac consequat felis. Morbi dapibus gravida erat, vitae porta dolor pharetra non. Suspendisse ac urna ut odio consequat tristique. In volutpat massa eget erat scelerisque pharetra tempus nisi auctor. Vestibulum ante ipsum primis in faucibus orci luctus et ultrices posuere cubilia Curae; Donec vel massa dolor. Nulla facilisi."); Test 5 Title Async (check if this is an asynchronous test) Code split_concat_hash_escape("It's a kind of magic"); split_concat_hash_escape("Can you feel the love tonight"); split_concat_hash_escape("<EVIL> & <EVAL>"); split_concat_hash_escape("Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec libero purus, consequat ac vulputate vitae, sodales ut elit. Proin vel cursus libero. Vivamus facilisis sagittis sem, quis dictum diam suscipit a. In hac habitasse platea dictumst.<> Curabitur dapibus velit at felis dapibus ullamcorper. Vestibulum in orci suscipit tellus vestibulum interdum. Sed eu nisl id eros sollicitudin tempor at a felis. Morbi ac consequat felis. Morbi dapibus gravida erat, vitae porta dolor pharetra non. Suspendisse ac urna ut odio consequat tristique. In volutpat massa eget erat scelerisque pharetra tempus nisi auctor. Vestibulum ante ipsum primis in faucibus orci luctus et ultrices posuere cubilia Curae; Donec vel massa dolor. Nulla facilisi.");