Escape an HTML string

The Bun.escapeHTML() utility can be used to escape HTML characters in a string. The following replacements are made.

• " becomes """
• & becomes "&"
• ' becomes "'"
• < becomes "<"
• > becomes ">"

This function is optimized for large input. Non-string types will be converted to a string before escaping.

Bun.escapeHTML("<script>alert('Hello World!')</script>");
// &lt;script&gt;alert(&#x27;Hello World!&#x27;)&lt;&#x2F;script&gt;

See Docs > API > Utils for more useful utilities.