return(this.replace(/&/mg,"&").replace(/</mg,"<").replace(/>/mg,">").replace(/\"/mg,"""));
}
-// Convert "&" to &, "<" to <, ">" to > and """ to "
+// Convert "<" to <, ">" to >, """ to " and "&" to & (& handled last for security reasons)
String.prototype.htmlDecode = function()
{
- return(this.replace(/&/mg,"&").replace(/</mg,"<").replace(/>/mg,">").replace(/"/mg,"\""));
+ return(this.replace(/</mg,"<").replace(/>/mg,">").replace(/"/mg,"\"").replace(/&/mg,"&"));
}
// Parse a space-separated string of name:value parameters where: