Escape
Simple library for escape or unescape HTML, String, SQL,... for Deno framework.
API
Escape HTML
import { escapeHtml } from "https://deno.land/x/escape/mod.ts";
1. escapeHtml(string: string): string
Escape special characters in the given string of text, such that it can be interpolated in HTML content.
This function will escape the following characters: "
, '
, &
, <
, and
>
.
Note that the escaped value is only suitable for being interpolated into
HTML as the text content of elements in which the tag does not have different
escaping mechanisms (it cannot be placed inside <style>
or <script>
, for
example, as those content bodies are not HTML, but CSS and JavaScript,
respectively; these are known as "raw text elements" in the HTML standard).
Example
The escapeHtml
function is designed to accept a string input of text and
return an escaped value to interpolate into HTML.
import { escapeHtml } from "https://deno.land/x/escape/mod.ts";
console.log(escapeHtml("<script>sample</script>"));
// Result: '<script>sample</script>'
2. isEscape(string: string): boolean
This function will check exist escape the following characters: "
, '
, &
, <
, and
>
.
Example
import { isEscape } from "https://deno.land/x/escape/mod.ts";
console.log(isEscape("<script>sample</script>"));
// Result: true
Un Escape HTML
import { unescapeHtml } from "https://deno.land/x/escape/mod.ts";
1. unescapeHtml(string: string): string
Convert HTML entities to HTML characters, e.g. > converts to >.
Example
The unescapeHtml
function is designed to accept a string input of text and
return an un-escaped value to interpolate into HTML.
import { unescapeHtml } from "https://deno.land/x/escape/mod.ts";
console.log(unescapeHtml("&lt;script&gt;sample&lt;/script&gt;"));
// Result: '<script>sample</script>'
2. isUnescape(string: string): boolean
This function will check exist unescape the following characters: &
, >
, <
, :
, "
and
'
.
Example
import { isUnescape } from "https://deno.land/x/escape/mod.ts";
console.log(isUnescape("&lt;script&gt;sample&lt;/script&gt;"));
// Result: true
Escape SQL
import { escapeSql } from "https://deno.land/x/escape/mod.ts";
1. escapeSql(SqlString: string): string
Escape SQL special characters and quotes in strings.
Example
The unescapeHtml
function is designed to accept a sql string and
return an escaped sql string.
import { escapeSql } from "https://deno.land/x/escape/mod.ts";
console.log(escapeSql("insert into table_exp values('hi, my name''s johnny.');"));
// Result: 'insert into my_table values(\'hi, my name\'\'s johnny.\');'