Home/ Questions/Q 7169757
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-28T15:04:28+00:00

var fb_ps_page = window.location.href; document.write(‘<iframe src=//www.facebook.com/plugins/like.php?href=’ + fb_ps_page + ‘&amp;send=false&amp;layout=button_count&amp;width=450&amp;show_faces=false&amp;action=like&amp;colorscheme=light&amp;font&amp;height=21&amp;appId=205223179497882 scrolling=no frameborder=0 style=border:none; overflow:hidden;

  • 0
var fb_ps_page = window.location.href;
document.write('<iframe src="//www.facebook.com/plugins/like.php?href=' + fb_ps_page + '&amp;send=false&amp;layout=button_count&amp;width=450&amp;show_faces=false&amp;action=like&amp;colorscheme=light&amp;font&amp;height=21&amp;appId=205223179497882" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:450px; height:21px;" allowTransparency="true"></iframe>');

My function to write the dynamic url to facebook like button.

But, my url contains /, #, +, and & – do I need to escape these, and would I do that using regex?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You are inserting into the URL context, so use proper URL encoding first:

    document.write('<iframe src="//www.facebook.com/plugins/like.php?href=' + encodeURIComponent(fb_ps_page) + '&amp;send=false&amp;layout=button_count&amp;width=450&amp;show_faces=false&amp;action=like&amp;colorscheme=light&amp;font&amp;height=21&amp;appId=205223179497882" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:450px; height:21px;" allowTransparency="true"></iframe>');

    As encodeURIComponent does already encode the HTML special chars ", &, and < (/, #, and + too), you don’t need need to encode it for the HTML context any more.

    • 0