Unescape apostrophe (') in JavaScript?
Solution 1
unescape
has nothing to do with HTML character entities. It's an old, deprecated function for decoding text encoded with escape
, which is an old, deprecated function for encoding text in a way that is unlikely to be useful in the modern world. :-)
If you need to turn that HTML into plain text, the easiest way is via an element:
var div = document.createElement('div');
div.innerHTML = "'";
alert(div.firstChild.nodeValue);
Note that the above relies on the fact that there are no elements defined in your HTML text, so it knows there is exactly one child node of div
, which is a text node.
For more complicated use cases, you might use div.innerText
(if it has one) or div.textContent
:
var div = document.createElement('div');
div.innerHTML = "'";
alert(div.innerText || div.textContent || "");
Solution 2
By using createElement
like in T.J.'s answer, you open yourself up to XSS attacks.
DOMParser
is a much safer way to correctly unescape HTML entities (including '
)
function unescape(string) {
return new DOMParser().parseFromString(string,'text/html').querySelector('html').textContent;
}
console.log(unescape('''));
You can use the function above with a string from any source, and the string won't be able to modify your page or steal data by including JavaScript.
Richard
Updated on August 12, 2022Comments
-
Richard over 1 year
I'm trying to unescape a HTML-escaped apostrophe (
"'"
) in JavaScript, but the following doesn't seem to work on a devtools console line:unescape(''');
The output is simply:
"'"
It doesn't work in Underscore's unescape either:
_.unescape(''')
What am I doing wrong?