New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@sap/xss-secure

Package Overview
Dependencies
Maintainers
0
Versions
13
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@sap/xss-secure

XSS Secure

5.3.0
latest
npm
Version published
Weekly downloads
996
13.44%
Maintainers
0
Weekly downloads
 
Created
Source

@sap/xss-secure

XSSSecurity Implementation taken from SAP UI5

Usage

var xssSecure = require('@sap/xss-secure');

API Reference

encodeCSS(string)

Encode the string for inclusion into CSS string literals or identifiers.

  • string - The string to be escaped

Returns the escaped string.

xssSecure.encodeCSS('1<4'); // returns '1\\3c 4'
xssSecure.encodeCSS('a-b'); // returns 'a\2d b'
encodeHTML(string)

Encode the string for inclusion into HTML content/attribute.

  • string - The string to be escaped

Returns the escaped string.

xssSecure.encodeHTML('1<4');  // returns '1&lt;4'
xssSecure.encodeHTML('\x00'); // returns '&#xfffd;'
encodeJS(string)

Encode the string for inclusion into a JS string literal.

  • string - The string to be escaped

Returns the escaped string.

xssSecure.encodeJS('1<4');  // returns '1\\x3c4'
xssSecure.encodeJS('\x00'); // returns '\\x00'
encodeURL(string)

Encode the string for inclusion into an URL parameter.

  • string - The string to be escaped

Returns the escaped string.

xssSecure.encodeURL('http://testing.com/?a=1&b="ok"');
// returns 'http%3a%2f%2ftesting.com%2f%3fa%3d1%26b%3d%22ok%22'
encodeXML(string)

Encode the string for inclusion into XML content/attribute.

  • string - The string to be escaped

Returns the escaped string. This function is alias to encodeHTML.

FAQs

Package last updated on 06 Mar 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Socket and Seal Security Collaborate to Fix Critical npm Overrides Bug

Security News

Socket and Seal Security Collaborate to Fix Critical npm Overrides Bug

Socket and Seal Security collaborate to fix a critical npm overrides bug, resolving a three-year security issue in the JavaScript ecosystem's most popular package manager.

By Sarah Gooding  -  Mar 11, 2025