public function Escaper::escapeJs in Zircon Profile 8
Same name and namespace in other branches
- 8.0 vendor/zendframework/zend-escaper/src/Escaper.php \Zend\Escaper\Escaper::escapeJs()
Escape a string for the Javascript context. This does not use json_encode(). An extended set of characters are escaped beyond ECMAScript's rules for Javascript literal string escaping in order to prevent misinterpretation of Javascript as HTML leading to the injection of special characters and entities. The escaping used should be tolerant of cases where HTML escaping was not applied on top of Javascript escaping correctly. Backslash escaping is not used as it still leaves the escaped character as-is and so is not useful in a HTML context.
Parameters
string $string:
Return value
string
File
- vendor/
zendframework/ zend-escaper/ src/ Escaper.php, line 182
Class
- Escaper
- Context specific methods for use in secure output escaping
Namespace
Zend\EscaperCode
public function escapeJs($string) {
$string = $this
->toUtf8($string);
if ($string === '' || ctype_digit($string)) {
return $string;
}
$result = preg_replace_callback('/[^a-z0-9,\\._]/iSu', $this->jsMatcher, $string);
return $this
->fromUtf8($result);
}