Escape Html special chars

JavaScript performance comparison

Revision 6 of this test case created by

Preparation code


      
      <script>
Benchmark.prototype.setup = function() {
  var specialchars = "&;\'><\"&;\'><\"&;\'><\"&;\'><\"";
  
  var escapeMap = {
    "&": "&amp;",
    "<": "&lt;",
    ">": "&gt;",
    '"': '&quot;',
    "'": '&#39;'
  };
  
  function escapeHTML(string) {
    return String(string).replace(/&(?!\w+;)|[<>"']/g, function(s) {
      return escapeMap[s] || s;
    });
  }
  
  var HtmlEncode = (function() {
    var el = document.createElement("div");
    return function(s) {
      el.innerText = el.textContent = s;
      return el.innerHTML;
    };
  })();
  
  var simpleReplaceEncode = function(s) {
    return s.replace('&', '&amp;', 'g')
      .replace('<', '&lt;', 'g')
      .replace('>', '&gt;', 'g')
      .replace('"', '&quot;', 'g')
      .replace("'", '&#39;', 'g');
  };
  
  var BS = /\\/g,
    CR = /\r/g,
    LS = /\u2028/g,
    PS = /\u2029/g,
    NL = /\n/g,
    LF = /\f/g,
    SQ = /'/g,
    DQ = /"/g,
    TB = /\t/g;
  
  var escapeJs = function(s) {
    if (typeof s === "string") {
      return s
        .replace(BS, '\\\\')
        .replace(DQ, '\\"')
        .replace(SQ, "\\'")
        .replace(CR, '\\r')
        .replace(LS, '\\u2028')
        .replace(PS, '\\u2029')
        .replace(NL, '\\n')
        .replace(LF, '\\f')
        .replace(TB, "\\t");
    }
    return s;
  };
  
  var escape = function(string) {
    return ('' + string).replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/"/g, '&quot;').replace(/'/g, '&#x27;').replace(/\//g, '&#x2F;');
  };
  
  
  var escapeRe = /&(?!\w+;)|[<>"']/g;
  
  var escapeMap = {
    "&": "&amp;",
    "<": "&lt;",
    ">": "&gt;",
    '"': '&quot;',
    "'": '&#39;'
  };
  
  // from Mustache.js
  var escapeHtml2 = function(string) {
    return String(string).replace(escapeRe, function(s) {
      return escapeMap[s] || s;
    });
  };
  
  var escapeRe = /&(?!\w+;)|[<>"']/g;
  
  var escapeMap = {
    "&": "&amp;",
    "<": "&lt;",
    ">": "&gt;",
    '"': '&quot;',
    "'": '&#39;'
  };
  
  // from Mustache.js
  var escapeHtml3 = (function() {
    var f = function(s) {
      return escapeMap[s] || s;
    };
  
    return function(s) {
      return String(s).replace(escapeRe, f);
    }
  })();
  
  String.prototype.replaceAll = function(token, newToken, ignoreCase) {
    var str = this.toString(),
      i = -1,
      _token;
    if (typeof token === "string") {
      if (ignoreCase === true) {
        _token = token.toLowerCase();
        while ((i = str.toLowerCase().indexOf(token, i >= 0 ? i + newToken.length : 0)) !== -1) {
          str = str.substring(0, i)
            .concat(newToken)
            .concat(str.substring(i + token.length));
        }
      } else {
        return this.split(token).join(newToken);
      }
    }
    return str;
  };

};
</script>

Test runner

Warning! For accurate results, please disable Firebug before running the tests. (Why?)

Java applet disabled.

Testing in CCBot 2.0.0 / Other 0.0.0
Test Ops/sec
mustache.js
escapeHTML(specialchars);
pending…
DOM
HtmlEncode(specialchars);
pending…
dust.js
escapeJs(specialchars);
pending…
underscore.js
escape(specialchars);
pending…
mod
escapeHtml2(specialchars);
pending…
mod3
escapeHtml3(specialchars);
pending…
loop
specialchars.replaceAll('&', '');
pending…
simple string.replace
simpleReplaceEncode(specialchars);
pending…

Compare results of other browsers

Revisions

You can edit these tests or add even more tests to this page by appending /edit to the URL.

0 Comments