HTMLTemplateLiteral
A tag function for producing HTML via template literals
Install
npm install html-template-literal
Import
import {html} from "html-template-literal";
Examples of Features
Automatically escapes HTML entities in substitutions
If you do this:
const userSuppliedString = '<script>alert("Do something evil!");</script>'; html ``;
You will get this:
<script>alert("Do something evil!");</script>
Automatically handles iterable substitutions
If you do this:
{ "Here "; html `be`; "dragons!";} html ``;
You will get this:
Here be dragons!
Automatically handles functions as substitutions
If you do this:
html ` alert("You clicked me")}>Click Me`;
You will get this:
Click Me
Automatically handles promises as substitutions
If you do this:
const ip = ;html `Your IP is `;
You will see this until the response is received:
Your IP is
Then you will see this:
Your IP is 8.8.8.8
Automatically handles elements as substitutions
If you do this:
const element = document;elementinnerText = "be";html `Here dragons!`;
You will get this:
Here be dragons!
If you really know what you are doing, you can bypass the escaping of HTML entities
If you do this:
;const dangerious = ;html ``;
You will get this:
Here be dragons!