html-escape
Escape reserved HTML characters
Last updated 11 years ago by parshap .
Public Domain · Repository · Bugs · Original npm · Tarball · package.json
$ npm install html-escape 
SYNC missed versions from official npm registry.

html-escape

Escape a string to be safe for use in html. &, <, ', and " characters are replaced with with their named character references: &amp;, &lt;, &apos;, and &quot;. Escaped strings will be safe for use in the following contexts:

Example

var escape = require("html-escape");
var xssAttempt = "Hello <script>while(1);</script> world!";
// Output safe html
console.log("<p>" + escape(xssAttempt) + "</p>");
// "<p>Hello &lt;script>while(1);&lt;/script> world!</p>"

Installation

npm install html-escape

Current Tags

  • 2.0.0                                ...           latest (9 years ago)

4 Versions

  • 2.0.0                                ...           9 years ago
  • 1.0.2                                ...           10 years ago
  • 1.0.1                                ...           11 years ago
  • 1.0.0                                ...           11 years ago
Maintainers (1)
Downloads
Total 1
Today 0
This Week 1
This Month 1
Last Day 1
Last Week 0
Last Month 0
Dependencies (0)
None
Dev Dependencies (1)
Dependents (1)

© 2010 - cnpmjs.org x YWFE | Home | YWFE