Refactor Functions.escapeHtml() JS function

MauricioFauth · MauricioFauth · commit 3bf23620aed3 · 2022-11-22T00:59:43.000-03:00
Uses native function to escape instead of custom one.

Signed-off-by: Maurício Meneghini Fauth &lt;mauricio@fauth.dev&gt;
diff --git a/js/src/functions.js b/js/src/functions.js
@@ -388,25 +388,17 @@ Functions.tooltip = function ($elements, item, myContent, additionalOptions) {
 };
 
 /**
- * HTML escaping
- *
- * @param {any} unsafe
- * @return {string | false}
+ * @param {string} value
+ * @return {string}
  */
-Functions.escapeHtml = function (unsafe) {
-    if (typeof (unsafe) !== 'undefined') {
-        return unsafe
-            .toString()
-            .replace(/&/g, '&amp;')
-            .replace(/</g, '&lt;')
-            .replace(/>/g, '&gt;')
-            .replace(/"/g, '&quot;')
-            .replace(/'/g, '&#039;');
-    } else {
-        return false;
-    }
+const escapeHtml = (value = '') => {
+    const element = document.createElement('span');
+    element.appendChild(document.createTextNode(value));
+    return element.innerHTML;
 };
 
+Functions.escapeHtml = escapeHtml
+
 /**
  * JavaScript escaping
  *
