2 * lodash 3.2.0 (Custom Build) <https://lodash.com/>
3 * Build: `lodash modularize exports="npm" -o ./`
4 * Copyright 2012-2016 The Dojo Foundation <http://dojofoundation.org/>
5 * Based on Underscore.js 1.8.3 <http://underscorejs.org/LICENSE>
6 * Copyright 2009-2016 Jeremy Ashkenas, DocumentCloud and Investigative Reporters & Editors
7 * Available under MIT license <https://lodash.com/license>
9 var root = require('lodash._root');
11 /** Used as references for various `Number` constants. */
14 /** `Object#toString` result references. */
15 var symbolTag = '[object Symbol]';
17 /** Used to match HTML entities and HTML characters. */
18 var reUnescapedHtml = /[&<>"'`]/g,
19 reHasUnescapedHtml = RegExp(reUnescapedHtml.source);
21 /** Used to map characters to HTML entities. */
32 * Used by `_.escape` to convert characters to HTML entities.
35 * @param {string} chr The matched character to escape.
36 * @returns {string} Returns the escaped character.
38 function escapeHtmlChar(chr) {
39 return htmlEscapes[chr];
42 /** Used for built-in method references. */
43 var objectProto = Object.prototype;
46 * Used to resolve the [`toStringTag`](http://ecma-international.org/ecma-262/6.0/#sec-object.prototype.tostring)
49 var objectToString = objectProto.toString;
51 /** Built-in value references. */
52 var Symbol = root.Symbol;
54 /** Used to convert symbols to primitives and strings. */
55 var symbolProto = Symbol ? Symbol.prototype : undefined,
56 symbolToString = Symbol ? symbolProto.toString : undefined;
59 * Checks if `value` is object-like. A value is object-like if it's not `null`
60 * and has a `typeof` result of "object".
65 * @param {*} value The value to check.
66 * @returns {boolean} Returns `true` if `value` is object-like, else `false`.
72 * _.isObjectLike([1, 2, 3]);
75 * _.isObjectLike(_.noop);
78 * _.isObjectLike(null);
81 function isObjectLike(value) {
82 return !!value && typeof value == 'object';
86 * Checks if `value` is classified as a `Symbol` primitive or object.
91 * @param {*} value The value to check.
92 * @returns {boolean} Returns `true` if `value` is correctly classified, else `false`.
95 * _.isSymbol(Symbol.iterator);
101 function isSymbol(value) {
102 return typeof value == 'symbol' ||
103 (isObjectLike(value) && objectToString.call(value) == symbolTag);
107 * Converts `value` to a string if it's not one. An empty string is returned
108 * for `null` and `undefined` values. The sign of `-0` is preserved.
113 * @param {*} value The value to process.
114 * @returns {string} Returns the string.
123 * _.toString([1, 2, 3]);
126 function toString(value) {
127 // Exit early for strings to avoid a performance hit in some environments.
128 if (typeof value == 'string') {
134 if (isSymbol(value)) {
135 return Symbol ? symbolToString.call(value) : '';
137 var result = (value + '');
138 return (result == '0' && (1 / value) == -INFINITY) ? '-0' : result;
142 * Converts the characters "&", "<", ">", '"', "'", and "\`" in `string` to
143 * their corresponding HTML entities.
145 * **Note:** No other characters are escaped. To escape additional
146 * characters use a third-party library like [_he_](https://mths.be/he).
148 * Though the ">" character is escaped for symmetry, characters like
149 * ">" and "/" don't need escaping in HTML and have no special meaning
150 * unless they're part of a tag or unquoted attribute value.
151 * See [Mathias Bynens's article](https://mathiasbynens.be/notes/ambiguous-ampersands)
152 * (under "semi-related fun fact") for more details.
154 * Backticks are escaped because in IE < 9, they can break out of
155 * attribute values or HTML comments. See [#59](https://html5sec.org/#59),
156 * [#102](https://html5sec.org/#102), [#108](https://html5sec.org/#108), and
157 * [#133](https://html5sec.org/#133) of the [HTML5 Security Cheatsheet](https://html5sec.org/)
160 * When working with HTML you should always [quote attribute values](http://wonko.com/post/html-escaping)
161 * to reduce XSS vectors.
166 * @param {string} [string=''] The string to escape.
167 * @returns {string} Returns the escaped string.
170 * _.escape('fred, barney, & pebbles');
171 * // => 'fred, barney, & pebbles'
173 function escape(string) {
174 string = toString(string);
175 return (string && reHasUnescapedHtml.test(string))
176 ? string.replace(reUnescapedHtml, escapeHtmlChar)
180 module.exports = escape;