Dart sanitize international text

Question

How best do I sanitize text like

abc&#39; a>b<c & a<b>c

converting/displaying

abc' a>b≤c & a≤b>c

or in clear text

abc' a>b<c & a<b>c

so that I can use it via

myDiv.innerHtml=...   or
myDiv.setInnerHtml(..., myValidator, mySantitizer);

A text assignment myDiv.text=... converts all & and <> eliminating the valid apostrophe ' - the HtmlEscape.convert(..) class/method also converts all & in all HtmlEscapeMode's.

Could write my own Sanitizer, but hope that I overlooked some standard library/call.

Answer 1

DartPad Link

RexExp for HTML Entity

import 'dart:html';
import 'dart:convert';

void main() {
  String htmlStr = r'abc&#39; a>b<c & a<b>' * 3;
  var reg = new RegExp(r"(.*?)(&#[1-9][0-9]{1,3}|[A-Za-z][0-9A-Za-z]+;)|(.*)");
  List<Match> matchs = reg.allMatches(htmlStr);
  var resStr = '';
  matchs.forEach((m) {
    var g1 = m.group(1);
    var g2 = m.group(2);
    var g3 = m.group(3);
    g1 = HTML_ESCAPE.convert(g1 == null ? '' : g1);
    g2 = g2 == null ? '' : g2;
    g3 = HTML_ESCAPE.convert(g3 == null ? '' : g3);
    resStr += g1 + g2 + g3;
  });
  print(resStr);
  document.body.setInnerHtml(resStr);
}

Answer 2

After some thought, I realized that using Validators or HtmlEscape/Mode was not the best way to solve the problem.

The original problem was that translation engines use &#39; for the apostrophe - probably to not confuse it with the misuse of apostrophe as a single quote.

In summary, the best solution is to replace &#39; with the correct unicode character for the apostrophe, which is actually

• NOT "\u{0027}" = ' = unicode apostrophe - displayed as (straight) single quote
• NOT "\u{2019}" = ’ = unicode right single (curly) quotation mark - see http://www.fileformat.info/info/unicode/char/2019/index.htm
• but "\u{02BC}" = ʼ = the modifier letter apostrophe - displayed like a curly quote - see http://www.fileformat.info/info/unicode/char/02BC/index.htm

The (correct) apostrophe U+0027 &#39; is misliked is as character fonts print it (incorrectly) straight - which graphic guys really hate - like the straight ".

With that, you can assign the translated text to element.text and if it contains problematic characters, they are escaped automatically by Dart - and rendered just fine.