Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

bel

Package Overview
Dependencies
Maintainers
5
Versions
29
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

bel - npm Package Compare versions

Comparing version 5.0.3 to 5.1.0

raw.js
test/raw.js

2

package.json
{
"name": "bel",
"version": "5.0.3",
"version": "5.1.0",
"description": "A simple extension to native elements",

@@ -5,0 +5,0 @@ "main": "index.js",

21

README.md

@@ -143,2 +143,23 @@ # [bel](https://en.wikipedia.org/wiki/Bel_(mythology))

## unescaping
bel escapes `${values}` within template literals. Sometimes that is not desirable; for instance, when parsing a string with markdown, which returns HTML.
To unescape values, use the `raw` method:
```js
var bel = require('bel')
var raw = require('bel/raw')
function example () {
var output = '<strong>hello there</strong>'
return bel`
<div>${raw(output)}</div>
`
}
```
Make sure that you are sticking to the security suggestions above, and sanitize any input for malicious code before using `raw`.
## similar projects

@@ -145,0 +166,0 @@

1

test/index.js
require('./api.js')
require('./elements.js')
require('./raw.js')

11

test/server.js
var test = require('tape')
var bel = require('../')
var raw = require('../')

@@ -34,1 +35,11 @@ test('server side render', function (t) {

})
test('unescape html', function (t) {
t.plan(1)
var expected = '<span>Hello <strong>there</strong></span>'
var result = raw('<span>Hello <strong>there</strong></span>').toString()
t.equal(expected, result)
t.end()
})
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc