npm
Sign UpSign In

html-escape
DefinitelyTyped icon, indicating that this package has TypeScript declarations provided by the separate @types/html-escape package

2.0.0 • Public • Published

html-escape

Escape a string to be safe for use in html. &, <, ', and " characters are replaced with with their named character references: &amp;, &lt;, &apos;, and &quot;. Escaped strings will be safe for use in the following contexts:

Example

var escape = require("html-escape");
var xssAttempt = "Hello <script>while(1);</script> world!";
// Output safe html
console.log("<p>" + escape(xssAttempt) + "</p>");
// "<p>Hello &lt;script>while(1);&lt;/script> world!</p>"

Installation

npm install html-escape

Versions

Current Tags

  • Version
    Downloads (Last 7 Days)
    • Tag
  • 2.0.0
    1,075
    • latest

Version History

  • Version
    Downloads (Last 7 Days)
    • Published
  • 2.0.0
    1,075
  • 1.0.2
    1,708
  • 1.0.1
    0
  • 1.0.0
    548

Package Sidebar

Install

npm i html-escape

Repository

github.com/parshap/html-escape

Homepage

github.com/parshap/html-escape#readme

Weekly Downloads

3,331

Version

2.0.0

License

Public Domain

Last publish

Collaborators

  • parshap
Try on RunKit
Report malware