HtmlEscapeMode class final

HTML escape modes.

Allows specifying a mode for HTML escaping that depends on the context where the escaped result is going to be used. The relevant contexts are:

  • as text content of an HTML element.
  • as value of a (single- or double-) quoted attribute value.

All modes require escaping of & (ampersand) characters, and may enable escaping of more characters.

Custom escape modes can be created using the HtmlEscapeMode.HtmlEscapeMode constructor.

Example:

const htmlEscapeMode = HtmlEscapeMode(
  name: 'custom',
  escapeLtGt: true,
  escapeQuot: false,
  escapeApos: false,
  escapeSlash: false,
 );

const HtmlEscape htmlEscape = HtmlEscape(htmlEscapeMode);
String unescaped = 'Text & subject';
String escaped = htmlEscape.convert(unescaped);
print(escaped); // Text & subject

unescaped = '10 > 1 and 1 < 10';
escaped = htmlEscape.convert(unescaped);
print(escaped); // 10 &gt; 1 and 1 &lt; 10

unescaped = "Single-quoted: 'text'";
escaped = htmlEscape.convert(unescaped);
print(escaped); // Single-quoted: 'text'

unescaped = 'Double-quoted: "text"';
escaped = htmlEscape.convert(unescaped);
print(escaped); // Double-quoted: "text"

unescaped = 'Path: /system/';
escaped = htmlEscape.convert(unescaped);
print(escaped); // Path: /system/

Constructors

HtmlEscapeMode({String name = "custom", bool escapeLtGt = false, bool escapeQuot = false, bool escapeApos = false, bool escapeSlash = false})
Create a custom escaping mode.
const

Properties

escapeApos bool
Whether to escape "'" (apostrophe).
final
escapeLtGt bool
Whether to escape '<' and '>'.
final
escapeQuot bool
Whether to escape '"' (quote).
final
escapeSlash bool
Whether to escape "/" (forward slash, solidus).
final
hashCode int
The hash code for this object.
read-onlyinherited
runtimeType Type
A representation of the runtime type of the object.
read-onlyinherited

Methods

noSuchMethod(Invocation invocation) → dynamic
Invoked when a nonexistent method or property is accessed.
inherited
toString() String
A string representation of this object.
override

Operators

operator ==(Object other) bool
The equality operator.
inherited

Constants

attribute → const HtmlEscapeMode
Escaping mode for text going into double-quoted HTML attribute values.
HtmlEscapeMode._('attribute', true, true, false, false)
element → const HtmlEscapeMode
Escaping mode for text going into HTML element content.
HtmlEscapeMode._('element', true, false, false, false)
sqAttribute → const HtmlEscapeMode
Escaping mode for text going into single-quoted HTML attribute values.
HtmlEscapeMode._('attribute', true, false, true, false)
unknown → const HtmlEscapeMode
Default escaping mode, which escapes all characters.
HtmlEscapeMode._('unknown', true, true, true, true)