1.0.0 • Published 5 years ago
json_dump v1.0.0
output json object in script tag
<script>
var data = <%=jsonDump({a:1})%>;
</script>
will:
<script>
var data = {a:1};
</script>
also:
<script>
var data = <%=jsonDump('hello')%>; // var data = 'hello';
var data = <%=jsonDump(null)%>; // var data = null;
var data = <%=jsonDump(0)%>; // var data = 0;
var data = <%=jsonDump(false)%>; // var data = false;
</script>
avoid xss leak
<script>
var data = <%=jsonDump('alert(1)')%>; // var data = 'alert(1)'; can`t execute
var data = <%=jsonDump('</script>')%>; // var data = '<\/script>'; can`t end interrupt tag
</script>