Escape Html special chars

JavaScript performance comparison

Revision 4 of this test case created by ukyo

Preparation code


      
      <script>
Benchmark.prototype.setup = function() {
  var specialchars = "&;\'><\"&;\'><\"&;\'><\"&;\'><\"";
  
  var escapeMap = {
      "&": "&amp;",
      "<": "&lt;",
      ">": "&gt;",
      '"': '&quot;',
      "'": '&#39;'
    };
  
    function escapeHTML(string) {
      return String(string).replace(/&(?!\w+;)|[<>"']/g, function (s) {
        return escapeMap[s] || s;
      });
    }
  
  var HtmlEncode = (function() {
    var el = document.createElement("div");
    return function(s) {
      el.innerText = el.textContent = s;
      return el.innerHTML;
    };
  })();
  
  var BS = /\\/g,
      CR = /\r/g,
      LS = /\u2028/g,
      PS = /\u2029/g,
      NL = /\n/g,
      LF = /\f/g,
      SQ = /'/g,
      DQ = /"/g,
      TB = /\t/g;
  
  var escapeJs = function(s) {
    if (typeof s === "string") {
      return s
        .replace(BS, '\\\\')
        .replace(DQ, '\\"')
        .replace(SQ, "\\'")
        .replace(CR, '\\r')
        .replace(LS, '\\u2028')
        .replace(PS, '\\u2029')
        .replace(NL, '\\n')
        .replace(LF, '\\f')
        .replace(TB, "\\t");
    }
    return s;
  };
  
  var escape = function(string) {
      return (''+string).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;').replace(/'/g, '&#x27;').replace(/\//g,'&#x2F;');
    };
  
  
  var escapeRe = /&(?!\w+;)|[<>"']/g;
  
  var escapeMap = {
      "&": "&amp;",
      "<": "&lt;",
      ">": "&gt;",
      '"': '&quot;',
      "'": '&#39;'
  };
  
  // from Mustache.js
  var escapeHtml2 = function(string) {
      return String(string).replace(escapeRe, function (s) {
          return escapeMap[s] || s;
      });
  };
  
  var escapeRe = /&(?!\w+;)|[<>"']/g;
  
  var escapeMap = {
      "&": "&amp;",
      "<": "&lt;",
      ">": "&gt;",
      '"': '&quot;',
      "'": '&#39;'
  };
  
  // from Mustache.js
  var escapeHtml3 = (function() {
      var f = function(s) {
          return escapeMap[s] || s;
      };
      
      return function(s) {
          return String(s).replace(escapeRe, f);
      }
  })();
  
  String.prototype.replaceAll = function(token, newToken, ignoreCase) {
      var str = this.toString(), i = -1, _token;
      if(typeof token === "string") {
          if(ignoreCase === true) {
              _token = token.toLowerCase();
              while((i = str.toLowerCase().indexOf( token, i >= 0? i + newToken.length : 0 )) !== -1 ) {
                  str = str.substring(0, i)
                          .concat(newToken)
                          .concat(str.substring(i + token.length));
              }
          } else {
              return this.split(token).join(newToken);
          }
      }
  return str;
  };

};
</script>

Test runner

Warning! For accurate results, please disable Firebug before running the tests. (Why?)

Java applet disabled.

Testing in CCBot 2.0.0 / Other 0.0.0
Test Ops/sec
mustache.js
escapeHTML(specialchars);
pending…
DOM
HtmlEncode(specialchars);
pending…
dust.js
escapeJs(specialchars);
pending…
underscore.js
escape(specialchars);
pending…
mod
escapeHtml2(specialchars);
pending…
mod3
escapeHtml3(specialchars);
pending…
loop
specialchars.replaceAll('&', '');
pending…

Compare results of other browsers

Revisions

You can edit these tests or add even more tests to this page by appending /edit to the URL.

0 Comments