Escape html manually with ember built-in function?

jcrate · November 19, 2019, 1:36am

I have some text that comes from an API that includes some user-entered text. Since Ember automatically html-escapes the text when popped into the template via curly braces, I didn’t have to worry about any extraneous angle brackets. Now, though, I’d like to do some formatting on this text via helper, like make certain strings bold. I can use htmlSafe to allow my formatting to pass through, but that will also let any extraneous angle brackets cause problems.

Is there any way to manually invoke the html escaping on a string? Then I can html-escape the original string, apply my formatting, and pass it on with htmlSafe.

jcrate · November 28, 2019, 12:45am

This turned out to be pretty simple, I just added the “entities” package, and used the escape function. I only have this one Ember app I’ve written so far so I’d forgotten I could use any package from the npm/yarn ecosystem.

NullVoxPopuli · November 29, 2019, 2:34am

Exactly! I like using DOMPurify myself https://github.com/NullVoxPopuli/emberclear/blob/master/packages/frontend/app/utils/dom/utils.ts#L75

Topic		Replies	Views
Safestring in HTMLbars	8	9033	July 14, 2015
Dealing with escaped text from the api? Design	2	1991	July 24, 2015
How does Ember/Glimmer convert dynamic content with HTML into DOM documents? General	1	1024	February 1, 2019
Rendering HTML with injected Components in HBS templates Questions	6	2272	June 4, 2018
Escaping Handlebars expressions for documentation	2	2540	April 30, 2014

Escape html manually with ember built-in function?

Related topics