Born Again Netscape's JavaScript Entities (entities.js)

JavaScript Entities was a feature supported in Netscape that allowed to use JavaScript within HTML attribute values, where a string enclosed within &{ and }; was parsed and evaluated as valid JavaScript code.

For example,

<script type="text/javascript">
	var myCSS = "color: red;";
</script>

<p style="&{myCSS};">Hi!</p>

was evaluated as

<p style="color: red;">Hi!</p>

This framework allows to use again Netscape's feature together with modern HTML5. All you need to do is to include entities.js in your document, then let it parse the page:

<script type="text/javascript" src="entities-min.js"></script>
<script type="text/javascript">
addEventListener("DOMContentLoaded", function () {
	JSEntities.parseTree(document.documentElement);
}, false);
</script>

Ambiguous ampersands?

If you wish to safely write an ampersand in HTML (as in, for example, “R&B”) you might want to encode it (&), since non-encoded ampersands (&) could combine with the text following and result in ambiguous ampersands – i.e., invalid HTML code. However, not all the unencoded ampersands are ambiguous ampersands. According to the WHATWG HTML Living Standard,

An ambiguous ampersand is a U+0026 AMPERSAND character (&) that is followed by one or more ASCII alphanumerics, followed by a U+003B SEMICOLON character (;), where these characters do not match any of the names given in the named character references section.

The leading sequence of JavaScript entities is &{ – which is an ampersand character not followed by any ASCII alphanumeric (but by a curly bracket instead). Hence, JavaScript entities are perfectly valid HTML code.

Here follows an example table that shows a few cases of ambiguous and non-ambiguous ampersands:

Sequence	Is it ambiguous?
&foo;	Yes
&area51;	Yes
&foo	No
&{foo};	No
&!foo;	No
&{;	No
&{foo;	No
&{};	No

Notes

• The HTML 4.01 specification reserves a syntax for the “future support of script macros” in HTML attributes (i.e., JavaScript entities). Sadly this syntax has never been incorporated into later standards, and currently “script macros” are not supported by any browser. This library can be considered as a general “script macros polyfill” for all browsers that do not natively support this feature.
• The function JSEntities.parseTree() replaces the text of all the attributes contained in a DOM tree. Since some of these attributes might have been assigned via JavaScript and might no longer contain strings (as, for example, mySpanElement.onlick = clickMe; – where typeof mySpanElement.onlick is usually a "function" and not a "string"), it is preferable to launch JSEntities.parseTree() before any other script.
• The string segments enclosed within &{ and }; are passed verbatim to eval() and executed in the global scope.
• A right curly bracket followed by a semicolon (};) does not end the Javascript entity unless it no longer expresses a syntactically valid JavaScript symbol – as it is in the segment 'red' }; in <p style="color: &{var myObject = { 'color': 'red' }; myObject.color;};">Hi!</p>
• Within node attributes the characters <, > and " must always be encoded (respectively, <, > and "). As for the character &, it must be encoded (&) when it represents an ambiguous ampersand – as in, for example, var bContinue=bAccept&&bAvailable; (see above). Instead, within JavaScript strings passed directly to JSEntity.parseString(), JavaScript entities are the only entities supported.

Enjoy the entities!