Installation
npm install --save @types/html-escape
Summary
This package contains type definitions for html-escape (https://github.com/parshap/html-escape).
Details
Files were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/html-escape.
index.d.ts
/**
* Escape a string to be safe for use in html. `&`, `<`, `'`, and `"`
* characters are replaced with with their [named character references][]:
* `&`, `<`, `'`, and `"`. Escaped strings will be safe
* for use in the following contexts:
*
* * [RCDATA][] and [DATA][html-data] (content of all elements except for
* `<script>` and `<style>`)
* * [Single-quoted attribute values][html-single-attribute] `'`
* * [Double-quoted attribute values][html-double-attribute] `"`
*
* [named character references]: https://html.spec.whatwg.org/multipage/syntax.html#named-character-references
* [html-data]: https://html.spec.whatwg.org/multipage/syntax.html#data-state
* [rcdata]: https://html.spec.whatwg.org/multipage/syntax.html#rcdata-state
* [html-single-attribute]: https://html.spec.whatwg.org/multipage/syntax.html#attribute-value-(single-quoted)-state
* [html-double-attribute]: https://html.spec.whatwg.org/multipage/syntax.html#attribute-value-(double-quoted)-state
*
* @param str The plain text to escape HTML markup in.
* @return The text with HTML markup safely escaped.
*
* @example
* ```js
* var escape = require("html-escape");
* var xssAttempt = "Hello <script>while(1);</script> world!";
* // Output safe html
* console.log("<p>" + escape(xssAttempt) + "</p>");
* // "<p>Hello <script>while(1);</script> world!</p>"
* ```
*/
declare function htmlEscape(str: string): string;
export = htmlEscape;
Additional Details
- Last updated: Tue, 07 Nov 2023 20:08:00 GMT
- Dependencies: none
Credits
These definitions were written by ExE Boss.