A string to escape.
The escaped string.
No characters other than the ones mentioned above are escaped.
escape is only provided for basic protection against XSS and if you need more
robust functionality consider using another HTML escaper (such as
he or
sanitize-html).
a simple HTML sanitizer. Escapes
&,<,>,', and"by replacing them with their corresponding HTML escapes (&,>,<,', and").