-
Notifications
You must be signed in to change notification settings - Fork 0
/
2023-09-23 Codewars 8 Kyu Fundamentals - Safen User Input Part I - htmlspecialchars.js
83 lines (65 loc) · 2.38 KB
/
2023-09-23 Codewars 8 Kyu Fundamentals - Safen User Input Part I - htmlspecialchars.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
// 9/23/23 Saturday Codewars 8 Kyu Fundamentals - Safen User Input Part I - htmlspecialchars
// https://www.codewars.com/kata/56bcaedfcf6b7f2125001118/train/javascript
/*
Safen User Input Part I - htmlspecialchars
You are a(n) novice/average/experienced/professional/world-famous Web Developer (choose one) who owns a(n) simple/clean/slick/beautiful/complicated/professional/business website (choose one or more) which contains form fields so visitors can send emails or leave a comment on your website with ease. However, with ease comes danger. Every now and then, a hacker visits your website and attempts to compromise it through the use of XSS (Cross Site Scripting). This is done by injecting script tags into the website through form fields which may contain malicious code (e.g. a redirection to a malicious website that steals personal information).
Mission
Your mission is to implement a function that converts the following potentially harmful characters:
< --> <
> --> >
" --> "
& --> &
Good luck :D
*/
// 2nd try - working
function htmlspecialchars(formData) {
let replacementChars = {
'<': '<',
'>': '>',
'"': '"',
'&': '&'
};
let newFormData = '';
for (let i = 0; i < formData.length; i++) {
if (formData[i] in replacementChars) {
newFormData += replacementChars[formData[i]];
} else {
newFormData += formData[i];
}
}
return newFormData;
}
// 1st try - not working
function htmlspecialchars(formData) {
let replacementChars = {
'<': '<',
'>': '>',
'"': '"',
'&': '&'
}
let newFormData = '';
for (let i = 0; i < formData.length; i++) {
if (formData[i] in replacementChars) newFormData += replacementChars[formData[i]];
newFormData += formData[i];
}
return newFormData;
}
/* =============
Other Solutions
============= */
function htmlspecialchars(formData) {
return formData.replace(/&/g, "&")
.replace(/"/g, """)
.replace(/</g, "<")
.replace(/>/g, ">");
}
// Other solution #2
function htmlspecialchars(formData) {
const dict = {
'<': '<',
'>': '>',
'"': '"',
'&': '&',
};
return formData.replace(/[<>"&]/g, char => dict[char]);
}