RELNOTES[NEW]: Add SafeHtml.comment.

PiperOrigin-RevId: 301206461
google · Mar 19, 2020 · 964e8f3 · 964e8f3
1 parent a93d568
commit 964e8f3
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 0 deletions.
diff --git a/closure/goog/html/safehtml.js b/closure/goog/html/safehtml.js
@@ -324,6 +324,22 @@ goog.html.SafeHtml.htmlEscapePreservingNewlinesAndSpaces = function(
 goog.html.SafeHtml.from = goog.html.SafeHtml.htmlEscape;
 
 
+/**
+ * Converts an arbitrary string into an HTML comment by HTML-escaping the
+ * contents and embedding the result between HTML comment markers.
+ *
+ * Escaping is needed because Internet Explorer supports conditional comments
+ * and so may render HTML markup within comments.
+ *
+ * @param {string} text
+ * @return {!goog.html.SafeHtml}
+ */
+goog.html.SafeHtml.comment = function(text) {
+  return goog.html.SafeHtml.createSafeHtmlSecurityPrivateDoNotAccessOrElse(
+      '<!--' + goog.string.internal.htmlEscape(text) + '-->', null);
+};
+
+
 /**
  * @const
  * @private

diff --git a/closure/goog/html/safehtml_test.js b/closure/goog/html/safehtml_test.js
@@ -611,6 +611,10 @@ testSuite({
         'a &#160;b', SafeHtml.htmlEscapePreservingNewlinesAndSpaces('a  b'));
   },
 
+  testComment() {
+    assertSameHtml('<!--&lt;script&gt;-->', SafeHtml.comment('<script>'));
+  },
+
   testSafeHtmlConcatWithDir() {
     const ltr = Dir.LTR;
     const rtl = Dir.RTL;