Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@tramvai/safe-strings

Package Overview
Dependencies
Maintainers
0
Versions
32
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@tramvai/safe-strings - npm Package Compare versions

Comparing version 0.6.2 to 0.6.3

lib/encodeForURLContext.d.ts

1

lib/utils.d.ts

@@ -8,3 +8,4 @@ export * from './safeStringify';

export * from './encodeForJSContext';
export * from './encodeForURLContext';
export * from './error';
//# sourceMappingURL=utils.d.ts.map

@@ -8,2 +8,3 @@ export { safeStringify } from './safeStringify.es.js';

export { encodeForJSContext } from './encodeForJSContext.es.js';
export { ctrlCharactersRegex, encodeForURLContext, whitespaceEscapeCharsRegex } from './encodeForURLContext.es.js';
export { deserializeError, serializeError } from './error.es.js';

@@ -12,2 +12,3 @@ 'use strict';

var encodeForJSContext = require('./encodeForJSContext.js');
var encodeForURLContext = require('./encodeForURLContext.js');
var error = require('./error.js');

@@ -24,3 +25,6 @@

exports.encodeForJSContext = encodeForJSContext.encodeForJSContext;
exports.ctrlCharactersRegex = encodeForURLContext.ctrlCharactersRegex;
exports.encodeForURLContext = encodeForURLContext.encodeForURLContext;
exports.whitespaceEscapeCharsRegex = encodeForURLContext.whitespaceEscapeCharsRegex;
exports.deserializeError = error.deserializeError;
exports.serializeError = error.serializeError;

4

package.json
{
"name": "@tramvai/safe-strings",
"version": "0.6.2",
"version": "0.6.3",
"description": "",

@@ -12,3 +12,3 @@ "main": "lib/utils.js",

"type": "git",
"url": "git@github.com:Tinkoff/tramvai.git"
"url": "git+ssh://git@github.com/tramvaijs/tramvai.git"
},

@@ -15,0 +15,0 @@ "scripts": {

@@ -28,1 +28,5 @@ # @tramvai/safe-strings

String encoding for JS context - escapes all symbols with possible XSS attack or breaking code - `<`, `>`, `/`, `\u2028`, `\u2029`
### `encodeForURLContext`
String encoding for URL context - escapes all symbols with possible XSS attack or breaking code, removes `javascript:alert('xss')` and other unsafe protocols (`data:`, `vbscript:`)
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc