@Blasty, Cool glad you're getting it sorted
I use the DOM for stuff like this, kind of a dirty trick but it's nice because it covers all. This is untested but scripts shouldn't execute if appended to an element. So it's matter of making sure calling the function doesn't execute anything unwanted.
function cleanEntitiy(t){
var div = document.createElement("div"
;
div.innerHTML = t;
return div.innerText;
}
alert( cleanEntitiy("
&l
t;
"
); // should alert '
<
'
edit:
Since you're the master of executing unwanted scripts, here's a link to play with
http://www.indecentcode.com/test.html
Keep in mind, there is no error correction and nothing added to circumvent unwanted input. I'd definitely add some extra safety measures but this is just a demo to show what the DOM can clean up.
27-May-2014 07:57:29
- Last edited on
27-May-2014 09:28:11
by
Indecent Act