19

Suppose I have a string of HTML code. I want to use JQuery to remove all <script> tags from the string.

How can I do that?

Note: I want to use JQuery , not REGEX, to do this.

Does this work? $(var).find('script').remove();

Improve this question
0

4 Answers 4

Reset to default
18

This should work for you:

var stringOfHtml = // your string here
$(stringOfHtml).find('script').remove();

To get the new string with the script tags removed:

var stringOfHtml = "<div><script></script><span></span></div>";
var html = $(stringOfHtml);
html.find('script').remove();

var stringWithoutScripts = html.wrap("<div>").parent().html(); // have to wrap for html to get the outer element

JS Fiddle Example - Had to use p instead of script as script broke the fiddle, same principle though.

Actual working answer here (hopefully)

Here is a workaround for the script issue, use replace to swap the script text with something else (try and make it unique) then remove those new tags and use replace again to swap back in case script is used anywhere else in text. Yes, it does use regex, but not to remove the script tags so I'm hoping that's alright ;):

var stringOfHtml = "<p></p><script>alert('fail');</scr" + "ipt><span></span>";
var wrappedString = '<div>' + stringOfHtml + '</div>';
var noScript = wrappedString.replace(/script/g, "THISISNOTASCRIPTREALLY");
var html = $(noScript);
html.find('THISISNOTASCRIPTREALLY').remove();

alert(html.html().replace(/THISISNOTASCRIPTREALLY/g, 'script'));

JS Fiddle Workaround

JS Fiddle Example With Script Text

Improve this answer
Sign up to request clarification or add additional context in comments.

9 Comments

How do you get the resulting string?
I guess that the SO problem is that script is executed on parse it, and the .remove() is unuseful. See this example.
@DavidRodrigues Seems you're right. Guess this can't work on scripts but should work on any other tag.
This answer sucks. Your regex is going to munge any string that contains the word "script" whether that's a tag or not. -1
@g33kz0r Thanks, not sure I get what you mean though. I've added an example fiddle with the word script inside the span and it doesn't get removed.
|
13

Old question, but if you are still looking for the easiest way to remove scripts from a string try 

$.parseHTML(string);

$.parseHTML() automatically removes script tags from strings.

Edit:

This works because keepScripts has false value as default. (Reference: $.parseHtml)

$.parseHTML(data, context, keepScripts)
Improve this answer

1 Comment

Works great, but how do I join the html back into a string? parseHTML() returns an array of DOM elements which exclude the script tags, but I'd like to join without having to insert them back into the document. I'm trying to avoid using something like $().add() or append()
1

i guess this should work

$('script').each(function () {
    $(this).remove();
});
Improve this answer

1 Comment

this is equivalent to $('script').remove()
1

Here is the other solution if one want to remove script tag from any string:

var str = "<script>Content...</script>"
use var afterstring = str.replace("<script>","new");
and afterstring = str.replace("<\/script>","new");


Hope it will work for you !

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.