npm
Sign UpSign In

escape_html_uri

1.1.5 • Public • Published

escapeHTML_URI Entities

... #escapeHTML_URI Entities ...

The Goal Of escapeHTML_URI Script Is To Prevent SQLi, XSS & Related Attacks By Escaping HTML, URI, Base64 & Unicode Entities.
escapeHTML_URI Can Process All JavaScript Object Types; Encode The Input (no matter the Object depth); & Output The Result With The Same Object Type As The Input Value.

SupportedHTML/URI/Base64/UnicodeEntities Are 

  <>&/,:;"`\'|{ }$!()*-#[]=~_.+%

UPDATE

Version: 1.1.5
  1. Implemented Unicode Encoding Option
Version: 1.1.4
  1. Optimized Code
  2. Added + & % To The Entities
Version: 1.1.3
  1. Fixed atob() & btoa() For Node.js
Version: 1.1.0
  1. Auto Escapes Base64 Entities
  2. Disabled Function Execution
  3. Added _ & . To The Entities

Using Script Without Installing

Use On replit 
// Navigate To https://replit.com/languages/Nodejs#index.js
// On replit Call...

const escapeHTML_URI = require("escape_html_uri");

escapeHTML_URI(
  { b: [true, 26, "Bree", ":", "</>", null, undefined] },
  "uri",
  ":</>"
);

// Replit Output Below...
{
  b: [
    true,
    26,
    "Bree",
    "%3A",
    "%3C%2F%3E",
    "A Valid Input Is Required Here...",
    "A Valid Input Is Required Here...",
  ];
}

Setup In Project

HTML Script
<script src="escapeHTML_URI.js"></script>

Installation

NPM Installation 
npm i escape_html_uri

Clone Repo

GitHub Repo 
gh repo clone Sidodus/escapeHTML_URI

Import To Project

ES5 module:
const escapeHTML_URI = require("escape_html_uri");
ES6 module:
import { escapeHTML_URI } from "escape_html_uri";
AMD loader libraries such as requireJS:
require(["escape_html_uri"], function (html) {
  // Use escape_html_uri here in local scope.
});

Use In Project: 

escapeHTML_URI(html, encodeFormat, htmlEncodeEntity);

EXPLANATION

escapeHTML_URI(html, encodeFormat, htmlEncodeEntity) Takes In 3 Arguments, With only The 1st Argument Being Compulsory. html = Input To Encode (COMPULSORY) encodeFormat = The Encode Format e.g (html OR uri OR unicode) (OPTIONAL) htmlEncodeEntity = Your Custom HTML / URI Encode Entity Based On Supported Entities (OPTIONAL)

NOTE:

  • Argument 2 Defaults To html If null Is Supplied, OR Argument Is Empty.
  • You Can Decide Which Html OR URI OR Unicode Entity To Encode In Argument 3
  • Argument 3 Defaults To <>&/,:;"`\'|{ }$!()*-#[]=~_. If Nothing Is Supplied.
  • escapeHTML_URI Would Not Encode Any Entity If An Empty String ("") Is Supplied In Argument 3 e.g escapeHTML_URI(">", null, "")
  • Unsupported Html OR URI OR Unicode Entity Values Are Ignored In Argument 3

EXAMPLES

Input Type = String
escapeHTML_URI("<script>alert(1337)</script>");

Output = &lt;script&gt;alert&#x28;1337&#x29;&lt;&#x2f;script&gt;
Input Type = Array
1st Optional Argument = html
escapeHTML_URI(["<", ">", "&", "/", ",", ":", ";", """, "`", "\", "'", "|", "{", "}", "$", " ", "!", "(", ")", "*", "-", "#", "[", "]", "=", "~"], "html");

Output = ["&lt;", "&gt;", "&amp&#x3b;", "&#x2f;", "&#x2c;", "&#x3a;", "&#x3b;", "&quot;", "&#x60;", "&#x5c;", "&apos;", "&#x7c;", "&#x7b;", "&#x7d;", "&#x24;", "&nbsp;", "&#x21;", "&#x28;", "&#x29;", "&#x2a;", "&#x2d;", "&#x23&#x3b;", "&#x5b;", "&#x5d;", "&#x3d;", "&#x7e;"];
Input Type = Object
1st Optional Argument = uri
escapeHTML_URI(
  { a: "<", b: ">", c: "\\", "{": "}", x: "<24>", y: "/", z: "{26}" },
  "uri"
);

Output = {
  a: "%3C",
  z: "%3E",
  c: "%5C",
  x: "%3C24%3E",
  y: "%2F",
  z: "%7B26%7D",
  "{": "%7D",
};
Input Type = String
1st Optional Argument = uri
2nd Optional Argument = </>
escapeHTML_URI("<script>alert(1337)<\/script>", "uri", "</>");

Output = %3Cscript%3Ealert(1337)%3C%2Fscript%3E;
Input Type = Base64 String
1st Optional Argument = unicode
2nd Optional Argument = ://
escapeHTML_URI("aHR0cDovL2V4YW1wbGUuY29t", "unicode", "://");

Output = aHR0cFx1MDAzYVx1MDAyZlx1MDAyZmV4YW1wbGUuY29t;
Input Type = String
1st Optional Argument = unicode
2nd Optional Argument = ://
escapeHTML_URI("http://example.com", "unicode", "://");

Output = http\u003a\u002f\u002fexample.com;
Input Type = Object
1st Optional Argument = null
2nd Optional Argument = <>&amp;/,:;\{ }()
escapeHTML_URI(
  {
    f: {
      str: "<script>alert(1337)<\\/script>",
      e: {
        arr: [1, ">", "a", "<", 2, "b", "{", 3, "c"],
        d: {
          func: () => "hello World",
          func2: () => () => "Hello JavaScript",
          c: {
            NulL: null,
            undefined,
            b: {
              Bool: true,
              a: {
                Bool: false,
                obj: {
                  g: "$",
                  obj1: { a: ">" },
                  obj2: { b: "</script>", g: () => "hello World" },
                  obj3: { b: ["z", 26, "Bree", ":", "</>"] },
                  str2: "<script>alert(1337)<\\/script>",
                  NoMansLand: "NoMansLand",
                  arr: [1, ">", "a", "<", 2, "b", "{", 3, "c"],
                },
                str3: "<script>alert(1337)<\\/script>",
                arr2: [1, ">", "a", "<", 2, "b", "{", 3, "c"],
                func3: () => () => () => "hello World",
                uri: "http\\u00253A\\u00252F\\u00252Fexample.com",
                Base64: "PHNjcmlwdD5hbGVydCgxMzM3KTxcL3NjcmlwdD4=",
                base64:
                  "VlVWb1QyRnRUblJpU0dSclVrUldiMWxyWkZkbFYxSkVXak5vVG1Wck1IcFRNVkl6WkcxTmVWUnViR2hYUlVsM1ZVZGpPVkJSUFQwPQ==",
              },
            },
          },
        },
      },
    },
  },
  null,
  "<>&;/,:;{ }()"
);

Output = {
  f: {
    str: "&lt;script&gt;alert&#x28;1337&#x29;&lt;&#x2f;script&gt;",
    e: {
      arr: [1, "&gt;", "a", "&lt;", 2, "b", "&#x7b;", 3, "c"],
      d: {
        func: '&#x28;&#x29;&nbsp;=&gt;&nbsp;"hello&nbsp;World"',
        func2:
          '&#x28;&#x29;&nbsp;=&gt;&nbsp;&#x28;&#x29;&nbsp;=&gt;&nbsp;"Hello&nbsp;JavaScript"',
        c: {
          NulL: "A Valid Input Is Required Here...",
          undefined: "A Valid Input Is Required Here...",
          b: {
            Bool: true,
            a: {
              Bool: false,
              obj: {
                g: "$",
                obj1: {
                  a: "&gt;",
                },
                obj2: {
                  b: "&lt;&#x2f;script&gt;",
                  g: '&#x28;&#x29;&nbsp;=&gt;&nbsp;"hello&nbsp;World"',
                },
                obj3: {
                  b: ["z", 26, "Bree", "&#x3a;", "&lt;&#x2f;&gt;"],
                },
                str2: "&lt;script&gt;alert&#x28;1337&#x29;&lt;&#x2f;script&gt;",
                NoMansLand: "NoMansLand",
                arr: [1, "&gt;", "a", "&lt;", 2, "b", "&#x7b;", 3, "c"],
              },
              str3: "&lt;script&gt;alert&#x28;1337&#x29;&lt;&#x2f;script&gt;",
              arr2: [1, "&gt;", "a", "&lt;", 2, "b", "&#x7b;", 3, "c"],
              func3:
                '&#x28;&#x29;&nbsp;=&gt;&nbsp;&#x28;&#x29;&nbsp;=&gt;&nbsp;&#x28;&#x29;&nbsp;=&gt;&nbsp;"hello&nbsp;World"',
              uri: "http&#x5c;u00253A&#x5c;u00252F&#x5c;u00252Fexample&#x2e;com",
              Base64:
                "Jmx0O3NjcmlwdCZndDthbGVydCYjeDI4OzEzMzcmI3gyOTsmbHQ7XCYjeDJmO3NjcmlwdCZndDs=",
              base64:
                "VTIweE5FMUZPSHBVYlhCcVlsZDRNMXBGVG1GaWJWSkZaRWRvYVZJeFdqVmFSVTVhWVcxV1JWTlVVbEJsYTFZMlZGaHdhbUpWYTNwYU0yeFFWa2hPZEZscmFGSk9NSEJ3VkdwU1RtSldhek5aZWtwUFpWZEdXVkZxUWt0aVYxRjNWRE5qT1ZCUlBUMD0=",
            },
          },
        },
      },
    },
  },
};



Developed By Saheed Odulaja.

Readme

Keywords

Package Sidebar

Install

npm i escape_html_uri

Repository

github.com/Sidodus/escapeHTML_URI

Homepage

github.com/Sidodus/escapeHTML_URI#readme

Weekly Downloads

1

Version

1.1.5

License

MIT

Unpacked Size

18.5 kB

Total Files

4

Last publish

Collaborators

  • sidodus
Try on RunKit
Report malware