您最多选择25个主题
主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
Christian Ziermann
b8da0c7023
Initial commit
|
4 年前 | |
|---|---|---|
| .. | ||
| index.d.ts | 4 年前 | |
| index.js | 4 年前 | |
| license | 4 年前 | |
| package.json | 4 年前 | |
| readme.md | 4 年前 | |
readme.md
Escape a string for use in HTML or the inverse
Install
$ npm install escape-goat
Usage
const {htmlEscape, htmlUnescape, htmlEscapeTag, htmlUnescapeTag} = require('escape-goat');
htmlEscape('🦄 & 🐐');
//=> '🦄 & 🐐'
htmlUnescape('🦄 & 🐐');
//=> '🦄 & 🐐'
htmlEscape('Hello <em>World</em>');
//=> 'Hello <em>World</em>'
const url = 'https://sindresorhus.com?x="🦄"';
htmlEscapeTag`<a href="${url}">Unicorn</a>`;
//=> '<a href="https://sindresorhus.com?x="🦄"">Unicorn</a>'
const escapedUrl = 'https://sindresorhus.com?x="🦄"';
htmlUnescapeTag`URL from HTML: ${url}`;
//=> 'URL from HTML: https://sindresorhus.com?x="🦄"'
API
htmlEscape(string)
Escapes the following characters in the given string argument: & < > " '
htmlUnescape(htmlString)
Unescapes the following HTML entities in the given htmlString argument: & < > " '
htmlEscapeTag
Tagged template literal that escapes interpolated values.
htmlUnescapeTag
Tagged template literal that unescapes interpolated values.
Tip
Ensure you always quote your HTML attributes to prevent possible XSS.
FAQ
Why yet another HTML escaping package?
I couldn’t find one I liked that was tiny, well-tested, and had both .escape() and .unescape().
License
MIT © Sindre Sorhus