| const characterReferences = {'"': 'quot', '&': 'amp', '<': 'lt', '>': 'gt'} | |
| /** | |
| * Encode only the dangerous HTML characters. | |
| * | |
| * This ensures that certain characters which have special meaning in HTML are | |
| * dealt with. | |
| * Technically, we can skip `>` and `"` in many cases, but CM includes them. | |
| * | |
| * @param {string} value | |
| * Value to encode. | |
| * @returns {string} | |
| * Encoded value. | |
| */ | |
| export function encode(value) { | |
| return value.replace(/["&<>]/g, replace) | |
| /** | |
| * @param {string} value | |
| * @returns {string} | |
| */ | |
| function replace(value) { | |
| // @ts-expect-error Hush, it’s fine. | |
| return '&' + characterReferences[value] + ';' | |
| } | |
| } | |