html-escape

Escape reserved HTML characters

npm install html-escape
2 downloads in the last day
17 downloads in the last week
60 downloads in the last month

html-escape

Escape a string to be safe for use in HTML by replacing all five reserved characters (&<>'") with their respective entity.

Example

var escape = require("html-escape");

var xss = "Hello <script>while(1);</script> world!";

// Produce html that could be safely used
console.log("<p>" + escape(xss) + "</p>");

Installation

npm install html-escape
npm loves you