escape-html-in-json
Escape HTML entities in JSON.stringify
, using a replacer method.
> var escape_html_entities = > var object = name: "<script>alert('hacked');</script>"> JSON'{"name":"<script>alert(\'hacked\');</script>"}'> JSON'{"name":"<script>alert('hacked');</script>"}'