/**
 * @module Infrastructure/SitemapHtml/Escape
 * @category Intelligence Operations / Supporting Infrastructure
 * @name HTML escaper
 *
 * @description
 * Pure-string HTML escaper used by every sitemap_${lang}.html page.
 * Escapes `&` only when it is not already part of a valid HTML entity
 * so existing entities (`&amp;`, `&#039;`, `&lt;` etc.) are preserved.
 *
 * Round-6 split: extracted from `scripts/generate-sitemap-html.ts`.
 *
 * @author Hack23 AB (Infrastructure Team)
 * @license Apache-2.0
 */
 
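/**
 * Escape the five HTML-significant characters (`&`, `<`, `>`, `"`, `'`) so
 * that `text` can be placed in element content or inside a quoted attribute
 * value without being parsed as markup.
 *
 * An `&` that already starts something shaped like a character reference
 * (`&#123;`, `&#x1F;`, or `&name;` with a purely alphabetic name) is left
 * untouched so pre-encoded input is not double-escaped.
 *
 * Caveats for callers:
 * - The entity check is by shape only; the name is not looked up in the HTML
 *   named-entity list, and names containing digits (e.g. `&frac12;`) do not
 *   match, so their `&` is escaped.
 * - Because entity-shaped input passes through, the browser decodes it: input
 *   `&lt;b&gt;` is displayed as the text `<b>`. It is decoded as text, not as
 *   markup, but the output is not a one-to-one encoding of the input.
 * - Only these five characters are handled. Whitespace is not escaped, so the
 *   result must not be used in an unquoted attribute, and the function does no
 *   URL-scheme validation for `href`/`src` values nor any escaping suitable
 *   for script, style or event-handler contexts.
 *
 * @param text - Raw string to escape.
 * @returns The escaped string.
 */
export function escapeHtml(text: string): string {
  return text
    // Must run first: later steps emit `&`-prefixed entities that would
    // otherwise be candidates for re-escaping. The negative lookahead skips
    // an `&` that already begins a decimal, hex or alphabetic reference.
    // The replacement has to be the entity `&amp;`; replacing with a bare `&`
    // would leave every ampersand unescaped.
    .replace(/&(?!(?:#\d+|#x[0-9a-fA-F]+|[a-zA-Z]+);)/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    // Both quote styles are escaped so the output is safe inside either a
    // double-quoted or a single-quoted attribute value.
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#039;');
}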