houdini

Node.js bindings for Houdini, a text escaping library by GitHub.

node-houdini

Node.js bindings for Houdini, a text escaping library by GitHub.

Bundled Houdini version: e6f0ec96b85578a2fd8ab79af84493cad3a84cfb

From Houdini's README:

Houdini is a simple API for escaping text for the web. And unescaping it. But that kind of breaks the joke in the name so nevermind.

  • HTML escaping follows the OWASP suggestion. All other entities are left as-is.

      & --> &
      < --> &lt;
      > --> &gt;
      " --> &quot;
      ' --> &#x27;     &apos; is not recommended
      / --> &#x2F;     forward slash is included as it helps end an HTML entity
    
  • HTML unescaping is fully RFC-compliant. Yes, that's the 253 different entities for you, and decimal/hex code point specifiers.

  • URI escaping and unescaping is fully RFC-compliant.

  • URL escaping and unescaping is the same as generic URIs, but spaces are changed to +.

$ npm install -g node-gyp
$ npm install houdini
var houdini = require('houdini');
 
var str = 'A & B > C';
 
var escaped = houdini.escapeHTML(str); // A &amp; B &gt; C 
 
var unescaped = houdini.unescapeHTML(escaped); // A & B > C 

All the methods return the (un)escaped string.

node-houdini is released under the MIT license.