Unescaping ampersand characters in javascript

Question

I'm having trouble properly displaying values that contain escaped characters (i.e. apostrophes are stored as \' and not ' and brackets are > and < rather than > and <).

Items stored in my database have the characters (' < >) escaped to (\' < >), respectively. When I try to dynamically add them to the page with JavaScript, they print out in the escaped form in Firefox, rather than returning to their normal values like in IE (< is being printed to the HTML rather just <).

<html>
    <head>
        <script type="text/javascript">
         $(document).ready(function() {
            var str = "&gt;";
            $(document.body).html(str);
         });
        </script>
    </head>
    <body>

    </body>
</html>

I know that if I simply do a replace, I can print correctly, but by doing so, I'm allowing the injection of HTML code, which is why I escaped the string in the first place.

ADDED:

Firstly, I apologize about the mistakes in my initial post. After closer examination, in the instances where I am using $().html(), the strings are printing correctly. The times where they aren't printing correctly are when I am using code like below.

var str = ">";
$('#inputField').val(str);

In this instance, the text ">" is shown, rather than ">". Is there something I can do to fix this?

Answer 1

You need to decode them like this:

$('#myText').val($("<div/>").html(str).text());

Demo: http://jsfiddle.net/QUbmK/

You can move the decode part to function too and call that instead:

function jDecode(str) {
    return $("<div/>").html(str).text();
}

$('#myText').val(jDecode(str));