decode-uri-component
Advanced tools
The decode-uri-component package is designed to provide a more robust and comprehensive solution for decoding URI components than the native JavaScript decodeURIComponent function. It aims to correctly handle all the nuances of URI encoding, including decoding characters that the native function may not handle correctly.
Decoding URI components
This feature allows you to decode URI components that may contain encoded representations of characters that could be used in XSS attacks or other malicious activities. The code sample demonstrates how to decode a URI component that represents a script tag with an alert function, which would be a potential security risk if not properly decoded.
"use strict";\nconst decodeUriComponent = require('decode-uri-component');\nconsole.log(decodeUriComponent('%3Cscript%3Ealert(%27XSS%27)%3C%2Fscript%3E'));The query-string package is used for parsing and stringifying URL query strings. It offers similar functionality in terms of decoding URI components as part of its parsing process. However, it is more focused on handling the entire query string rather than just individual URI components.
Similar to query-string, the qs package provides methods for parsing and stringifying query strings. It can decode URI components when parsing query strings. qs is known for its depth control and array parsing capabilities, making it more versatile for complex query strings compared to decode-uri-component, which focuses solely on decoding.
A better decodeURIComponent
�.$ npm install --save decode-uri-component
import decodeUriComponent from 'decode-uri-component';
decodeUriComponent('%25');
//=> '%'
decodeUriComponent('%');
//=> '%'
decodeUriComponent('st%C3%A5le');
//=> 'ståle'
decodeUriComponent('%st%C3%A5le%');
//=> '%ståle%'
decodeUriComponent('%%7Bst%C3%A5le%7D%');
//=> '%{ståle}%'
decodeUriComponent('%7B%ab%%7C%de%%7D');
//=> '{%ab%|%de%}'
decodeUriComponent('%FE%FF');
//=> '\uFFFD\uFFFD'
decodeUriComponent('%C2');
//=> '\uFFFD'
decodeUriComponent('%C2%B5');
//=> 'µ'
Type: string
An encoded component of a Uniform Resource Identifier.
MIT © Sam Verschueren
FAQs
A better decodeURIComponent
The npm package decode-uri-component receives a total of 13,235,012 weekly downloads. As such, decode-uri-component popularity was classified as popular.
We found that decode-uri-component demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.