window.htmlStr = `<div> <input name="test" value="test" /> <img /></div>`;const escapeElement = document.createElement('span');const escapeTextNode = document.createTextNode('');escapeElement.append(escapeTextNode);function escape(str) { escapeTextNode.textContent = str; return escapeElement.innerHTML;}let i = 0;for (; i < 10000; i++) { escape(htmlStr);}const option = new Option('');function escape(str) { option.label = str; return option.label;}let i = 0;for (; i < 10000; i++) { escape(htmlStr);}function escape(str) { const E = [ ['&', '&'], ['<', '<'], ['>', '>'], ["'", '''], ['"', '"'], ]; return (v) => E.reduce((r, e) => str.replaceAll(e[0], e[1]), v);}let i = 0;for (; i < 10000; i++) { escape(htmlStr);}function escape(str) { return str.replaceAll('&', '&') .replaceAll('<', '<') .replaceAll('>', '>') .replaceAll("'", ''') .replaceAll('"', '"'); return (v) => E.reduce((r, e) => str.replaceAll(e[0], e[1]), v);}let i = 0;for (; i < 10000; i++) { escape(htmlStr);}function escape(str) { return ('' + str).replace(/[^\w. ]/gi, c => '&#' + c.charCodeAt(0) + ';')}let i = 0;for (; i < 10000; i++) { escape(htmlStr);}--enable-precise-memory-info flag.
| Test case name | Result |
|---|---|
| Text node | |
| Option node | |
| Replace A | |
| Replace B | |
| Replace C |
| Test name | Executions per second |
|---|---|
| Text node | 95.6 Ops/sec |
| Option node | 155.6 Ops/sec |
| Replace A | 736.0 Ops/sec |
| Replace B | 76.1 Ops/sec |
| Replace C | 45.1 Ops/sec |
Let's dive into the world of JavaScript microbenchmarks!
Benchmark Overview
The provided JSON represents a benchmarking test case named "Escape HTML regex vs replace vs textNode vs Option 4". The test aims to compare the performance of four different approaches for escaping HTML characters in a string.
Escaping HTML Characters
In HTML, certain characters have special meanings. To prevent XSS (Cross-Site Scripting) attacks, these characters need to be escaped. Escaping involves replacing these characters with their corresponding HTML entities.
There are several ways to escape HTML characters:
replaceAll() function to replace special characters with their HTML entities.Comparison of Approaches
| Approach | Description | Pros | Cons |
|---|---|---|---|
| Regex Replacement | Uses regular expressions to replace special characters with their HTML entities. | Fast and flexible, can handle complex replacements. | Overhead of creating a regex pattern, may not be as efficient for simple replacements. |
| Replace | Uses the replaceAll() function to replace special characters with their HTML entities. |
Simple and straightforward, easy to understand. | May not be as fast as regex replacement for complex replacements, limited control over replacement logic. |
| Text Node | Creates a text node in an XML document and sets its text content to the original string, then escaping the character using DOM methods. | Can handle complex replacements, uses native DOM methods. | May have overhead due to creating an XML document, not as fast as regex replacement or replace. |
| Option Node | Creates an Option element and sets its label attribute to the original string, then escaping the character using DOM methods. | Can handle complex replacements, uses native DOM methods. | May have overhead due to creating an HTML element, not as fast as regex replacement or replace. |
Library: DOM Methods
The test case uses DOM methods (e.g., append(), innerHTML) for the Text Node and Option Node approaches. These methods are built into the browser's JavaScript engine and provide a way to manipulate HTML documents.
Special JS Feature/Syntax: None
There are no special JavaScript features or syntax used in this benchmark.
Other Alternatives
Some alternative approaches for escaping HTML characters include:
In summary, the benchmark provides an interesting comparison of different approaches for escaping HTML characters in JavaScript. The choice of approach depends on the specific requirements of the project, such as performance, simplicity, and control over replacement logic.
