npm
Sign UpSign In

eskape

1.2.0 • Public • Published

eskape

html escaping as an es6 tagged template string in 1k min+gz.

Installation

npm install --save eskape

Usage

eskape escapes all of the interpolated values in the template string, but assumes all literal content is safe. This is often a good assumption when performing quick, one-off templating like so:

var eskape = require('eskape');
 
var userinput = "<script>alert('gotcha')</script>";
document.body.innerHTML = eskape`
  <html>
    <body>
      Hello, ${userinput}
    </body>
  </html>`;

This will set the body's html content to the literal html content in the string, but will escape the userinput value.

License

(c) 2016 Will Binns-Smith. Licensed MIT.

Versions

Current Tags

  • Version
    Downloads (Last 7 Days)
    • Tag
  • 1.2.0
    168
    • latest

Version History

  • Version
    Downloads (Last 7 Days)
    • Published
  • 1.2.0
    168
  • 1.1.0
    0
  • 1.0.4
    0
  • 1.0.3
    0
  • 1.0.2
    0

Package Sidebar

Install

npm i eskape

Weekly Downloads

168

Version

1.2.0

License

MIT

Last publish

Collaborators

  • wbinnssmith
Try on RunKit
Report malware