Du kan inte välja fler än 25 ämnen
Ämnen måste starta med en bokstav eller siffra, kan innehålla bindestreck ('-') och vara max 35 tecken långa.
Christian Ziermann
b8da0c7023
Initial commit
|
4 år sedan | |
|---|---|---|
| .. | ||
| index.d.ts | 4 år sedan | |
| index.js | 4 år sedan | |
| license | 4 år sedan | |
| package.json | 4 år sedan | |
| readme.md | 4 år sedan | |
readme.md
Escape a string for use in HTML or the inverse
Install
$ npm install escape-goat
Usage
const {htmlEscape, htmlUnescape, htmlEscapeTag, htmlUnescapeTag} = require('escape-goat');
htmlEscape('🦄 & 🐐');
//=> '🦄 & 🐐'
htmlUnescape('🦄 & 🐐');
//=> '🦄 & 🐐'
htmlEscape('Hello <em>World</em>');
//=> 'Hello <em>World</em>'
const url = 'https://sindresorhus.com?x="🦄"';
htmlEscapeTag`<a href="${url}">Unicorn</a>`;
//=> '<a href="https://sindresorhus.com?x="🦄"">Unicorn</a>'
const escapedUrl = 'https://sindresorhus.com?x="🦄"';
htmlUnescapeTag`URL from HTML: ${url}`;
//=> 'URL from HTML: https://sindresorhus.com?x="🦄"'
API
htmlEscape(string)
Escapes the following characters in the given string argument: & < > " '
htmlUnescape(htmlString)
Unescapes the following HTML entities in the given htmlString argument: & < > " '
htmlEscapeTag
Tagged template literal that escapes interpolated values.
htmlUnescapeTag
Tagged template literal that unescapes interpolated values.
Tip
Ensure you always quote your HTML attributes to prevent possible XSS.
FAQ
Why yet another HTML escaping package?
I couldn’t find one I liked that was tiny, well-tested, and had both .escape() and .unescape().
License
MIT © Sindre Sorhus