Nevar pievienot vairāk kā 25 tēmas
Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.
Christian Ziermann
b8da0c7023
Initial commit
|
pirms 4 gadiem | |
|---|---|---|
| .. | ||
| index.d.ts | pirms 4 gadiem | |
| index.js | pirms 4 gadiem | |
| license | pirms 4 gadiem | |
| package.json | pirms 4 gadiem | |
| readme.md | pirms 4 gadiem | |
readme.md
Escape a string for use in HTML or the inverse
Install
$ npm install escape-goat
Usage
const {htmlEscape, htmlUnescape, htmlEscapeTag, htmlUnescapeTag} = require('escape-goat');
htmlEscape('🦄 & 🐐');
//=> '🦄 & 🐐'
htmlUnescape('🦄 & 🐐');
//=> '🦄 & 🐐'
htmlEscape('Hello <em>World</em>');
//=> 'Hello <em>World</em>'
const url = 'https://sindresorhus.com?x="🦄"';
htmlEscapeTag`<a href="${url}">Unicorn</a>`;
//=> '<a href="https://sindresorhus.com?x="🦄"">Unicorn</a>'
const escapedUrl = 'https://sindresorhus.com?x="🦄"';
htmlUnescapeTag`URL from HTML: ${url}`;
//=> 'URL from HTML: https://sindresorhus.com?x="🦄"'
API
htmlEscape(string)
Escapes the following characters in the given string argument: & < > " '
htmlUnescape(htmlString)
Unescapes the following HTML entities in the given htmlString argument: & < > " '
htmlEscapeTag
Tagged template literal that escapes interpolated values.
htmlUnescapeTag
Tagged template literal that unescapes interpolated values.
Tip
Ensure you always quote your HTML attributes to prevent possible XSS.
FAQ
Why yet another HTML escaping package?
I couldn’t find one I liked that was tiny, well-tested, and had both .escape() and .unescape().
License
MIT © Sindre Sorhus