Html
HTML utility functions for escaping and working with HTML content.
Import
typescript
import { Html } from '@wollybeard/kit'typescript
import * as Html from '@wollybeard/kit/html'Functions
[F] escape
typescript
(string: unknown): stringParameters:
string- The string to escape (will be coerced to string if not already)
Returns: The escaped string safe for use in HTML
Escape HTML special characters to prevent XSS vulnerabilities.
Converts the following characters to their HTML entity equivalents:
"→"'→'&→&<→<>→>
Examples:
typescript
Html.escape('Use Array<T> or Record<K, V>')
// => 'Use Array<T> or Record<K, V>'
Html.escape('<script>alert("xss")</script>')
// => '<script>alert("xss")</script>'