JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 224
  • Score
    100M100P100Q87918F
  • License MIT

html xss escaping function

Package Exports

  • xss-escape

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (xss-escape) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

#xss-escape

Escapes your strings and objects or arrays of strings for prevention of Cross Site Scripting attacks.

Escapes the following characters to there respective html character codes.

'&' -> '&' '<' -> '<' '>' -> '>' '"' -> '"' "'" -> ''' '/' -> '/'

##In NodeJS npm install xss-escape

var xssEscape = require('xss-escape');
var escapedString = xssEscape(unsafeString);

##In the Browser

<script src="path/to/xss-escape.js"></script>
<script>
    var escapedString = xssEscape(unsafeString);
</script>

##Can be used with nested objects or arrays.

var escapedObject = xssEscape({ a: 'foo', [{ b: 'bar' }, 'baz' ] });

##Run Tests While in the projects root directory run. npm install nodeunit test.js