XSSSecurity Implementation taken from SAP UI5
var xssSecure = require('@sap/xss-secure');
Encode the string for inclusion into CSS string literals or identifiers.
-
string
- The string to be escaped
Returns the escaped string
.
xssSecure.encodeCSS('1<4'); // returns '1\\3c 4'
xssSecure.encodeCSS('a-b'); // returns 'a\2d b'
Encode the string for inclusion into HTML content/attribute.
-
string
- The string to be escaped
Returns the escaped string
.
xssSecure.encodeHTML('1<4'); // returns '1<4'
xssSecure.encodeHTML('\x00'); // returns '�'
Encode the string for inclusion into a JS string literal.
-
string
- The string to be escaped
Returns the escaped string
.
xssSecure.encodeJS('1<4'); // returns '1\\x3c4'
xssSecure.encodeJS('\x00'); // returns '\\x00'
Encode the string for inclusion into an URL parameter.
-
string
- The string to be escaped
Returns the escaped string
.
xssSecure.encodeURL('http://testing.com/?a=1&b="ok"');
// returns 'http%3a%2f%2ftesting.com%2f%3fa%3d1%26b%3d%22ok%22'
Encode the string for inclusion into XML content/attribute.
-
string
- The string to be escaped
Returns the escaped string
.
This function is alias to encodeHTML
.