Skip to content

v1.0.0

Latest
Compare
Choose a tag to compare
@Radagaisus Radagaisus released this 28 Apr 12:18
· 2 commits to master since this release

Escape HTML entities in JSON.stringify, using a replacer method.

> var escape_html_entities = require('escape-html-in-json')
> var object = {name: "<script>alert('hacked');</script>"}
> JSON.stringify(object)
'{"name":"<script>alert(\'hacked\');</script>"}'
> JSON.stringify(object, escape_html_entities)
'{"name":"&lt;script&gt;alert(&#39;hacked&#39;);&lt;/script&gt;"}'