2.0.0 • Published 8 years ago

html-escape v2.0.0

Weekly downloads
4,561
License
Public Domain
Repository
github
Last release
8 years ago

html-escape

Escape a string to be safe for use in html. &, <, ', and " characters are replaced with with their named character references: &amp;, &lt;, &apos;, and &quot;. Escaped strings will be safe for use in the following contexts:

Example

var escape = require("html-escape");
var xssAttempt = "Hello <script>while(1);</script> world!";
// Output safe html
console.log("<p>" + escape(xssAttempt) + "</p>");
// "<p>Hello &lt;script>while(1);&lt;/script> world!</p>"

Installation

npm install html-escape
htmlhtml entitiesescapexss
express-uglify-assets@infinitebrahmanuniverse/nolb-html-e@everything-registry/sub-chunk-1867overpass-layerpatch-bookpatchapp-threadspatchcoreyap-appyap-utiltaurinssb-patchworktwitter-unroll-htmlfetch-ficecmarkupgrunt-markup-markdowngitbook-plugin-acegitbook-plugin-purs-example@netatwork/var-svg-loader@rewired/hhgulp-html-escapeinnerloadddm-embeddabledata-file-generatorhtml-linkifyjsonview-vue@statsim/app@blacklight-cms/coreblacklight-corenodechannodejs-ctx-defensechat-box-jsneutron-adtcater-build@xorgram/xormeepworksnxus-web
2.0.0

8 years ago

1.0.2

9 years ago

1.0.1

11 years ago

1.0.0

11 years ago