/* ============================================================================
   Shared helpers for the admin dashboard pages. Loaded before dashboard.js /
   detail.js; each page's IIFE pulls these off window.mbproxyUtil so the HTML-
   escaping logic has exactly one definition.
   ========================================================================= */
'use strict';

(function () {
  /** Escapes the three HTML-significant characters for safe text-node insertion. */
  function escapeHtml(s) {
    return String(s).replace(/[&<>]/g, c => ({ '&': '&amp;', '<': '&lt;', '>': '&gt;' }[c]));
  }

  /** Escapes a value for use inside a double-quoted HTML attribute. */
  function escapeAttr(s) {
    return escapeHtml(s).replace(/"/g, '&quot;');
  }

  window.mbproxyUtil = { escapeHtml, escapeAttr };
})();