VGTech is a blog where the developers and devops of Norways most visited website share code and tricks of the trade… Read more

Are you brilliant? We're hiring. Read more

Strip HTML from a string in Javascript


Quick tip; never use innerHTML (or jQuery’s html()) unless you really want to insert HTML.
Quite often, what you actually want is to insert some text. If this is the case, use innerText (or jQuery’s text()).

Should you need to strip HTML from a string (say you are building a chunk of HTML and need to insert the content of an input-field into it), this is a simple way of doing it:

Show code
function stripHtml(str) {
    var temp = document.createElement('DIV');
    temp.innerHTML = str;
    return temp.textContent || temp.innerText;

Or, if you’re using jQuery:

Show code
function stripHtml(str) {
    return jQuery('<div />', { html: str }).text();

WARNING: Please be aware that any code (script tags) and resources linked (images, scripts) will still be run using this approach. Only use this approach when you have some degree of control over the input and context. Securing markup is not a trivial task and should be given more thought.

Developer at VG with a passion for Node.js, React, PHP and the web platform as a whole. - @rexxars


  • Avinash Patil


    Thanks for the above code, it helped me.

    Avinash Patil

Leave your comment