Escape html manually with ember built-in function?

I have some text that comes from an API that includes some user-entered text. Since Ember automatically html-escapes the text when popped into the template via curly braces, I didn’t have to worry about any extraneous angle brackets. Now, though, I’d like to do some formatting on this text via helper, like make certain strings bold. I can use htmlSafe to allow my formatting to pass through, but that will also let any extraneous angle brackets cause problems.

Is there any way to manually invoke the html escaping on a string? Then I can html-escape the original string, apply my formatting, and pass it on with htmlSafe.

This turned out to be pretty simple, I just added the “entities” package, and used the escape function. I only have this one Ember app I’ve written so far so I’d forgotten I could use any package from the npm/yarn ecosystem.

1 Like

Exactly! I like using DOMPurify myself https://github.com/NullVoxPopuli/emberclear/blob/master/packages/frontend/app/utils/dom/utils.ts#L75