npm
Sign UpSign In

safe-string

1.0.1 • Public • Published

safe-string

build status dependencies status npm version

Escapes HTML characters and JavaScript line terminators

Adapted from serialize-javascript.

The use case of this module is to safely embed content into a <script> element within an HTML document.

Usage

const safeString = require('safe-string');
 
const string = JSON.stringify({foo: '</script>'});
// => '{"foo":"</script>"}'
 
const escaped = safeString(string);
// => '{"foo":"\u003C\u002Fscript\u003E"}'
 
const html = `<script type="application/json">${escaped}</script>`;
// => '<script type="application/json">{"foo":"\u003C\u002Fscript\u003E"}</script>'
 
const parsed = JSON.parse(escaped);
// => {foo: '</script>'}

See Also

Versions

Current Tags

VersionDownloads (Last 7 Days)Tag
1.0.118latest

Version History

VersionDownloads (Last 7 Days)Published
1.0.118
1.0.00
0.1.00

Package Sidebar

Install

npm i safe-string

Repository

github.com/rtsao/safe-string

Homepage

github.com/rtsao/safe-string

Weekly Downloads

18

Version

1.0.1

License

MIT

Last publish

Collaborators

  • rtsao
Try on RunKit
Report malware