.. | ||
dangerous.json | ||
index.js | ||
license | ||
package.json | ||
readme.md |
stringify-entities
Encode HTML character references and character entities.
- Very fast
- Just the encoding part
- Reliable:
'`'
characters are escaped to ensure no scripts run in IE6-8. Additionally, only named entities recognised by HTML4 are encoded, meaning the infamous'
(which people think is a virus) won’t show up
Algorithm
By default, all dangerous, non-ASCII, or non-printable ASCII characters
are encoded. A subset of characters can be given to encode just
those characters. Alternatively, pass escapeOnly
to
escape just the dangerous characters ("
, '
, <
, >
, &
, `
).
By default, numeric entities are used. Pass useNamedReferences
to use named entities when possible, or useShortestReferences
to use them if that results in less bytes.
Installation
npm:
npm install stringify-entities
Usage
var stringify = require('stringify-entities')
stringify('alpha © bravo ≠ charlie 𝌆 delta')
// => 'alpha © bravo ≠ charlie 𝌆 delta'
stringify('alpha © bravo ≠ charlie 𝌆 delta', {useNamedReferences: true})
// => 'alpha © bravo ≠ charlie 𝌆 delta'
API
stringifyEntities(value[, options])
Encode special characters in value
.
options
options.escapeOnly
Whether to only escape possibly dangerous characters (boolean
,
default: false
). Those characters are "
, '
, <
, >
&
, and
`
.
options.subset
Whether to only escape the given subset of characters (Array.<string>
).
options.useNamedReferences
Whether to use named entities where possible (boolean?
, default:
false
).
options.useShortestReferences
Whether to use named entities, where possible, if that results in less
bytes (boolean?
, default: false
). Note: useNamedReferences
can be omitted when using useShortestReferences
.
options.omitOptionalSemicolons
Whether to omit semi-colons when possible (boolean?
, default: false
).
Note: This creates parse errors: don’t use this except when building
a minifier.
Omitting semi-colons is possible for certain legacy named references, and numeric entities, in some cases.
options.attribute
Only needed when operating dangerously with omitOptionalSemicolons: true
.
Create entities which don’t fail in attributes (boolean?
, default:
false
).
Related
parse-entities
— Parse HTML character referencescharacter-entities
— Info on character entitiescharacter-entities-html4
— Info on HTML4 character entitiescharacter-entities-legacy
— Info on legacy character entitiescharacter-reference-invalid
— Info on invalid numeric character references